PC out of control

#0
27.11.2010, 11:30
...new here

Posts: 1
#1 Problem description / symptoms?

• Since when has the problem been occurring?
For two days

• How does the problem manifest itself?
The PC is 'acting up': Firefox and IE have connection problems, I can't open bookmarks, open programs such as the text editor can't be closed but instead open 50 more windows, access to folders is also disrupted, they open and close uncontrollably, the PC shuts down, the AntiVir update function gets aborted...

• Did a virus scanner report any findings? (Give the exact path and file)
Yes, AntiVir found 16 viruses(?), I had them deleted, it was something to do with Java.... unfortunately I didn't write it down, but it didn't help, the problems are still there!

Strangely, this goes on for about 30-60 minutes, after that the circus is over and I can use everything as usual, until the next restart, then it all starts over again..

Code

OTL logfile created on: 27.11.2010 10:53:36 - Run 3
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SteelSeries\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 345,57 Gb Total Space | 111,91 Gb Free Space | 32,38% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 66,51 Gb Free Space | 22,70% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 32,42 Gb Free Space | 11,07% Space Free | Partition Type: NTFS

Computer Name: STEELSERIES-PC | User Name: SteelSeries | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\SteelSeries\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe (Sophos Plc)
PRC - C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\protect.exe (StarForce)
PRC - C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\safensec.exe (S.N.Safe&Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\SteelSeries\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:[b]64bit:[/b] - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe ()
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SafenSec) -- C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\safensec.exe (S.N.Safe&Software)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe (SiSoftware)
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:[b]64bit:[/b] - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:[b]64bit:[/b] - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:[b]64bit:[/b] - (MEMSWEEP2) -- C:\Windows\SysNative\1A16.tmp ()
DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:[b]64bit:[/b] - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:[b]64bit:[/b] - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()
DRV:[b]64bit:[/b] - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys ()
DRV:[b]64bit:[/b] - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:[b]64bit:[/b] - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys ()
DRV:[b]64bit:[/b] - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:[b]64bit:[/b] - (LUsbFilt) -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys ()
DRV:[b]64bit:[/b] - (LMouKE) -- C:\Windows\SysNative\DRIVERS\LMouKE.Sys ()
DRV:[b]64bit:[/b] - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys ()
DRV:[b]64bit:[/b] - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys ()
DRV:[b]64bit:[/b] - (L8042mou) -- C:\Windows\SysNative\DRIVERS\L8042mou.Sys ()
DRV:[b]64bit:[/b] - (L8042Kbd) -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys ()
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\sandra.sys (SiSoftware)
DRV - (hotcore3) -- C:\Windows\SysWOW64\drivers\hotcore3.sys (Paragon Software Group)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.1
FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.5
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.28 12:45:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.23 10:35:04 | 000,000,000 | ---D | M]

[2009.04.01 16:44:17 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Extensions
[2010.11.27 07:00:04 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions
[2010.05.29 11:19:11 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2009.04.03 22:20:40 | 000,000,000 | ---D | M] (Aquatint Redone) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{47e5a66c-0e35-11dc-8314-0800200c9a66}
[2010.11.08 00:47:10 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010.07.26 18:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.10 07:04:51 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010.10.14 19:24:22 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.10.14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}-trash
[2010.11.03 14:47:37 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.02.13 03:37:02 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.06.10 07:02:53 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\silvermel@pardal.de
[2010.06.10 07:02:58 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\silvermelxt@pardal.de
[2010.01.17 21:56:40 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\smileys@yourdomain.com
[2010.05.29 11:19:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SteelSeries\AppData\Roaming\mozilla\Firefox\Profiles\ci5aqo0s.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2010.11.25 07:32:52 | 000,000,944 | ---- | M] () -- C:\Users\SteelSeries\AppData\Roaming\Mozilla\FireFox\Profiles\ci5aqo0s.default\searchplugins\icqplugin.xml
[2010.10.22 23:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.07.18 19:53:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.10 05:26:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.02 14:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.22 23:05:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.04.23 17:25:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\ogamescript
[2010.04.23 17:25:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\ogameskript.xpi
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.06.15 09:39:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.15 09:39:55 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.15 09:39:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.15 09:39:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.15 09:39:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll ()
O4:[b]64bit:[/b] - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Safe'n'Sec Pro] C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\snsmcon.exe (S.N.Safe&Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] c:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\SteelSeries\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\SteelSeries\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.186.161 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: SnsShell - {A38300ED-853B-462b-A69F-DF0BB36B496A} - C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\snsshex.dll (S.N.Safe&Software)
O24 - Desktop WallPaper: C:\Users\SteelSeries\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\SteelSeries\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9bc030d2-29fa-11de-b190-001fd0d6f7a8}\Shell - "" = AutoRun
O33 - MountPoints2\{9bc030d2-29fa-11de-b190-001fd0d6f7a8}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.11.27 07:53:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\SteelSeries\Desktop\OTL.exe
[2010.11.25 22:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\S.N.Safe&Software
[2010.11.25 22:54:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S.N.Safe&Software
[2010.11.16 05:17:46 | 000,000,000 | ---D | C] -- C:\Users\SteelSeries\AppData\Local\OtstoiSoft
[2010.11.15 05:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
[2010.11.15 05:18:48 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.11.15 05:16:22 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.11.15 05:16:22 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.11.15 05:15:09 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.11.15 05:15:05 | 010,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.11.15 05:13:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2010.11.15 05:13:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.11.15 05:12:11 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.11.15 05:09:07 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.11.15 05:09:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.11.15 05:09:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.11.15 05:09:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.11.15 05:09:05 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.11.15 05:09:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.11.15 05:09:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.11.15 05:09:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.11.15 05:09:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.11.15 05:09:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.11.15 05:09:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.11.15 05:09:02 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.11.15 05:09:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.11.15 05:09:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.11.14 03:36:02 | 000,000,000 | ---D | C] -- C:\Users\SteelSeries\AppData\Roaming\Auslogics
[2010.11.14 03:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2010.11.14 03:35:34 | 004,576,616 | ---- | C] (Auslogics Software Pty Ltd                                  ) -- C:\Users\SteelSeries\Desktop\disk-defrag-setup3.1.9.160.exe
[2010.11.13 20:41:18 | 000,000,000 | ---D | C] -- C:\Users\SteelSeries\AppData\Roaming\AVS4YOU
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.11.27 10:49:10 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.11.27 10:18:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.27 10:16:07 | 000,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.27 10:16:07 | 000,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.27 08:23:16 | 001,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.27 08:23:16 | 000,618,204 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.27 08:23:16 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.27 08:23:16 | 000,122,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.27 08:23:16 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.27 08:16:30 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2010.11.27 08:16:23 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.11.27 08:15:53 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.27 08:15:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.27 08:13:50 | 000,000,204 | ---- | M] () -- C:\Users\SteelSeries\defogger_reenable
[2010.11.27 08:08:15 | 000,050,477 | ---- | M] () -- C:\Users\SteelSeries\Desktop\Defogger.exe
[2010.11.27 07:53:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\SteelSeries\Desktop\OTL.exe
[2010.11.26 20:21:58 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{34B2F27B-45B4-4884-8ABC-125FE844BCE3}.job
[2010.11.26 00:29:06 | 000,761,388 | ---- | M] () -- C:\Windows\SysNative\drivers\snscore.dat
[2010.11.25 22:54:20 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Safe'n'Sec.lnk
[2010.11.23 10:35:04 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.23 05:26:20 | 000,083,120 | ---- | M] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.21 08:10:15 | 000,000,680 | ---- | M] () -- C:\Users\SteelSeries\AppData\Local\d3d9caps.dat
[2010.11.15 11:34:48 | 000,220,160 | ---- | M] () -- C:\Users\SteelSeries\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.15 05:25:17 | 000,419,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.11.14 03:35:59 | 000,001,081 | ---- | M] () -- C:\Users\SteelSeries\Desktop\Auslogics Disk Defrag.lnk
[2010.11.14 03:35:37 | 004,576,616 | ---- | M] (Auslogics Software Pty Ltd                                  ) -- C:\Users\SteelSeries\Desktop\disk-defrag-setup3.1.9.160.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.11.27 08:13:49 | 000,000,204 | ---- | C] () -- C:\Users\SteelSeries\defogger_reenable
[2010.11.27 08:08:15 | 000,050,477 | ---- | C] () -- C:\Users\SteelSeries\Desktop\Defogger.exe
[2010.11.26 00:29:06 | 000,761,388 | ---- | C] () -- C:\Windows\SysNative\drivers\snscore.dat
[2010.11.25 22:54:20 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Safe'n'Sec.lnk
[2010.11.15 05:18:48 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2010.11.15 05:18:02 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010.11.15 05:17:09 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2010.11.15 05:15:09 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2010.11.15 05:15:05 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2010.11.15 05:13:44 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2010.11.15 05:13:39 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010.11.15 05:13:39 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll
[2010.11.15 05:13:39 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010.11.15 05:13:39 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2010.11.15 05:13:39 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll
[2010.11.15 05:12:52 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2010.11.15 05:12:11 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll
[2010.11.15 05:11:11 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2010.11.15 05:09:07 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.11.15 05:09:07 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010.11.15 05:09:06 | 001,486,848 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.11.15 05:09:06 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.11.15 05:09:06 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.11.15 05:09:06 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2010.11.15 05:09:06 | 000,056,832 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2010.11.15 05:09:06 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.11.15 05:09:05 | 000,710,656 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.11.15 05:09:05 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.11.15 05:09:05 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2010.11.15 05:09:04 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.11.15 05:09:04 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2010.11.15 05:09:04 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2010.11.15 05:09:04 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2010.11.15 05:09:04 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010.11.15 05:09:03 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.11.15 05:09:03 | 000,479,232 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010.11.15 05:09:03 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.11.15 05:09:03 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2010.11.15 05:09:02 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.11.15 05:09:02 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2010.11.15 05:09:01 | 012,474,368 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.11.15 05:08:59 | 009,257,472 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.11.14 03:35:59 | 000,001,081 | ---- | C] () -- C:\Users\SteelSeries\Desktop\Auslogics Disk Defrag.lnk
[2010.11.08 22:32:47 | 000,000,450 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{34B2F27B-45B4-4884-8ABC-125FE844BCE3}.job
[2010.09.08 16:57:59 | 000,371,628 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI3D90.txt
[2010.09.08 16:57:59 | 000,015,798 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI3D90.txt
[2010.09.08 16:57:57 | 000,323,982 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI3D86.txt
[2010.09.08 16:57:56 | 000,016,014 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI3D86.txt
[2010.04.04 10:23:12 | 000,000,680 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\d3d9caps.dat
[2010.03.29 05:40:57 | 000,015,126 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI77B4.txt
[2010.03.29 01:51:49 | 000,427,220 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI4855.txt
[2010.03.29 01:51:49 | 000,011,610 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI4855.txt
[2010.03.12 04:10:59 | 000,428,352 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI0296.txt
[2010.03.12 04:10:59 | 000,022,562 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI0296.txt
[2010.03.12 04:10:09 | 000,400,732 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI01EF.txt
[2010.03.12 04:10:08 | 000,022,842 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI01EF.txt
[2010.03.02 15:49:56 | 000,061,317 | ---- | C] () -- C:\Users\SteelSeries\AppData\Roaming\AVSDVDPlayer.m3u
[2009.12.22 03:03:47 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.12.22 03:03:47 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.12.21 22:56:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.04 09:21:08 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009.10.15 22:10:10 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.06.04 16:21:31 | 000,000,760 | ---- | C] () -- C:\Users\SteelSeries\AppData\Roaming\setup_ldm.iss
[2009.04.18 17:53:03 | 004,244,744 | ---- | C] () -- C:\Windows\SysWow64\qtp-mt334.dll
[2009.04.18 17:53:03 | 000,247,560 | ---- | C] () -- C:\Windows\SysWow64\prgiso.dll
[2009.04.18 17:53:03 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2009.04.01 18:02:37 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2009.04.01 17:02:15 | 000,425,068 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistMSI0502.txt
[2009.04.01 17:02:15 | 000,011,410 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\dd_vcredistUI0502.txt
[2009.04.01 14:47:14 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.04.01 14:42:51 | 000,000,732 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\d3d9caps64.dat
[2009.03.31 02:09:50 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.03.30 01:04:14 | 000,000,307 | ---- | C] () -- C:\Users\SteelSeries\AppData\Roaming\settings.ini
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2009.01.01 14:56:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.01.01 14:56:17 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.01.01 14:21:58 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\version.ini
[2009.01.01 03:03:46 | 008,515,584 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009.01.01 01:18:25 | 000,220,160 | ---- | C] () -- C:\Users\SteelSeries\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.01 00:12:56 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008.12.07 14:08:06 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.12.07 14:08:04 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.01.21 03:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 03:48:56 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010.11.14 03:36:02 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\Auslogics
[2009.04.15 22:18:45 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\DAEMON Tools Pro
[2010.07.26 18:10:45 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.15 11:25:49 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\FileZilla
[2010.10.27 19:21:33 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\GrabPro
[2009.06.04 16:21:36 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\Leadertech
[2010.08.25 13:51:21 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\MAGIX
[2010.11.03 14:48:33 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\MiniDm
[2010.01.11 14:28:29 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\OpenOffice.org
[2009.12.25 04:50:03 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\TeamViewer
[2009.04.15 23:29:45 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\The Creative Assembly
[2010.06.13 07:39:59 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\TuneUp Software
[2010.02.06 01:17:50 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\Ubisoft
[2009.11.03 15:28:56 | 000,000,000 | ---D | M] -- C:\Users\SteelSeries\AppData\Roaming\Ulead Systems
[2010.11.27 08:14:50 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.26 20:21:58 | 000,000,450 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{34B2F27B-45B4-4884-8ABC-125FE844BCE3}.job

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Code

OTL Extras logfile created on: 27.11.2010 10:53:36 - Run 3
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SteelSeries\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 345,57 Gb Total Space | 111,91 Gb Free Space | 32,38% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 66,51 Gb Free Space | 22,70% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 32,42 Gb Free Space | 11,07% Space Free | Partition Type: NTFS

Computer Name: STEELSERIES-PC | User Name: SteelSeries | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01  [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3679664275-334771898-890504158-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\IEPro\MiniDM.exe" = C:\Program Files (x86)\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"C:\Program Files (x86)\IEPro\MiniDM.exe" = C:\Program Files (x86)\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4CB1A6EC-07A4-4425-B5F9-F774BCDDD530}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{5DFB4B25-9D69-47DF-A20E-57658AC686CA}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{94912AB9-8579-4AC0-9620-87F0634F5FD6}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{A091ACE7-A0D3-46F5-B387-4963A58FD4DE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\rpcagentsrv.exe |
"{A2435F68-3834-4C14-9A37-8D8183707CF7}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{CA5E027C-77C8-4719-8B8D-9115F9F6A4B2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{F86DE1E8-E84A-40C3-8396-1E71A9C5BD8A}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6CEA2597-7CD2-4CAF-BE9D-5A5BB973DF99}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{7B90E4A9-4B7D-453D-BA3F-AA7272FF72B5}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{7DB0999F-BE66-4150-BD8D-721DF29E1B5E}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{80263F39-3242-4A27-B537-8F4153675E00}" = protocol=17 | dir=in | app=c:\program files (x86)\s.n.safe&software\safe'n'sec\snsupd.exe |
"{87600A11-983F-4EA8-A3F8-2AF4C2072909}" = protocol=6 | dir=in | app=c:\program files (x86)\s.n.safe&software\safe'n'sec\snsmcon.exe |
"{9D229C45-933E-499A-83ED-EB7D2B500F51}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{AB1B8376-02C4-4699-9C2C-08D1D179EED7}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{D5690DA1-536C-4842-8ABE-B033F39A3110}" = protocol=6 | dir=in | app=c:\program files (x86)\s.n.safe&software\safe'n'sec\snsupd.exe |
"{D58818D5-6761-4E0F-825C-F6AA75F89338}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{E183DBA8-2BC1-4054-BAC6-45005BA23964}" = protocol=17 | dir=in | app=c:\program files (x86)\s.n.safe&software\safe'n'sec\snsmcon.exe |
"{E810F8B0-72CF-4D21-92F9-93159FC7D37F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8EC9AA5-41FB-45C6-8698-4167D947EB1B}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"TCP Query User{13FAA0AA-B751-4E65-8191-DAEB3D7EAD70}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{15345F76-4399-4AFB-84C1-9D838F60AC8F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{1C28833C-5890-4236-B923-A648C5DA79B1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{67431692-318D-4DB3-B417-631FE6F5C32F}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{6BFEA883-BBD2-45D4-893A-7D68514AEB60}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{AE7B618D-312C-4E02-87DE-0D230385BC9F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{BEECB924-590B-41D6-9138-06CB69E57398}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{07B01B80-7D71-44AE-937F-54EB9EF88C7F}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{3268C871-43F8-4581-B583-8DA3E0EFCFE7}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{81B0CD7C-2817-46FB-8174-60062374A160}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{9CD9BA16-8AE4-4DD2-8EC0-482D561188B3}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{A1D454AF-F122-474D-9C6A-A35E61C61010}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{CECC8571-FC92-40DF-83A0-89A1BB8EC70F}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{FDF8AF63-131D-4CDB-9639-4516C5BCB820}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5840FB7C-D53A-C906-4051-536F6621F3C6}" = ATI Catalyst Install Manager
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{A116AC61-8223-C019-9F66-2FEBA27A9ABE}" = ccc-utility64
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP2
"PeerGuardian_is1" = PeerGuardian 2.0
"Recuva" = Recuva
"Safe'n'Sec Pro" = Safe'n'Sec
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B8.1208.1
"{08A1400E-E040-1C31-2E90-49ADACDCE8FF}" = Catalyst Control Center Graphics Light
"{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"{18F04681-FCB2-602E-DB5E-302F65268FBE}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212BB5C2-A702-6A1B-A964-C672D94B467D}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3060F83F-3A04-DCD1-3BC4-35EC73164AF1}" = CCC Help English
"{3D3AFDE9-A3F1-4F1C-434A-9BC75604CE9D}" = Catalyst Control Center Graphics Full Existing
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1212.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{662E830F-830E-1644-9469-607CA1814F4F}" = Catalyst Control Center Core Implementation
"{6804F085-58B9-8E92-CB0F-769F730F0185}" = Catalyst Control Center Graphics Previews Common
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8CDA6D95-78B3-B62C-4E25-2E24883749E1}" = Catalyst Control Center Graphics Previews Vista
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}" = Melodyne 3.1
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.04
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional
"{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}" = LightScribe System Software  1.12.29.2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D48818BC-744E-A732-BA1B-59043861F445}" = Catalyst Control Center Graphics Full New
"{D4F8C273-468F-4491-AEA1-A6811B0E2780}" = AMD OverDrive
"{D6987225-AECA-91BC-FA4B-9A2D812BF9D3}" = Catalyst Control Center HydraVision Full
"{DD9E3191-A37E-8A0D-D5A6-5D3C5A8AACBF}" = Skins
"{DE5301C3-EBE3-4D48-9BBB-96E25F3C9780}" = Melodyne 3.1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}" = Nero 7 Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArtMoney SE_is1" = ArtMoney SE v7.32.1
"AssaultCube_v1.0" = AssaultCube v1.0
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"BootDisk2BootStick" = BootDisk2BootStick 0.10
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Google Updater" = Google Updater
"GPU Caps Viewer_is1" = GPU Caps Viewer v1.4.2
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"IE7Pro" = IE7Pro
"IE7ProSpellCheckDictionary_is1" = Spelling Check Dictionary From OpenOffice.org
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1212.1
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"LastFM_is1" = Last.fm 1.5.4.24567
"MAGIX Music Maker Hip Hop Edition 3 Trial D" = MAGIX Music Maker Hip Hop Edition 3 Trial 5.0.0.1 (D)
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"SopCast" = SopCast 3.2.9
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"tintii" = indii.org/tintii
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.1
"WashAndGo_is1" = WashAndGo
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"xp-AntiSpy" = xp-AntiSpy 3.97-9

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Anwendungserkennung

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 25.11.2010 16:25:28 | Computer Name = SteelSeries-PC | Source = EventSystem | ID = 4621
Description =

Error - 25.11.2010 16:26:53 | Computer Name = SteelSeries-PC | Source = EventSystem | ID = 4609
Description =

Error - 25.11.2010 16:28:08 | Computer Name = SteelSeries-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.11.2010 16:31:25 | Computer Name = SteelSeries-PC | Source = EventSystem | ID = 4609
Description =

Error - 25.11.2010 16:33:07 | Computer Name = SteelSeries-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 25.11.2010 16:33:07 | Computer Name = SteelSeries-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 25.11.2010 16:34:22 | Computer Name = SteelSeries-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.11.2010 02:53:56 | Computer Name = SteelSeries-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\SteelSeries\Downloads\SoftonicDownloader47650.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind:  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.

Error - 27.11.2010 02:53:57 | Computer Name = SteelSeries-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\SteelSeries\Downloads\SoftonicDownloader_fuer_auslogics-disk-defrag.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind:  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.

Error - 27.11.2010 02:53:57 | Computer Name = SteelSeries-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\SteelSeries\Downloads\SoftonicDownloader58808.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
widersprüchlichen Komponenten sind:  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.

[ System Events ]
Error - 02.05.2009 11:19:39 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 05.05.2009 11:53:01 | Computer Name = SteelSeries-PC | Source = HTTP | ID = 15016
Description =

Error - 05.05.2009 11:54:42 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 07.05.2009 12:12:19 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 08.05.2009 04:16:28 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 11.05.2009 09:42:28 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 23.05.2009 19:38:55 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 23.05.2009 19:38:55 | Computer Name = SteelSeries-PC | Source = DCOM | ID = 10005
Description =

Error - 23.05.2009 19:38:55 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25.05.2009 00:38:59 | Computer Name = SteelSeries-PC | Source = Service Control Manager | ID = 7011
Description =


< End of report >


Code

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:42, on 27.11.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\SteelSeries\Desktop\OTL.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [Ulead AutoDetector v2] "C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\SteelSeries\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1ca0b78832af0f8) (gupdate1ca0b78832af0f8) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafenSec - S.N.Safe&Software - C:\Program Files (x86)\S.N.Safe&Software\Safe'n'Sec\safensec.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10021 bytes



Code

Sophos Anti-Rootkit Version 1.5.4 (data 1.08)  (c) 2009 Sophos Plc
Started logging on 27.11.2010 at 08:55:07
User "SteelSeries" on computer "STEELSERIES-PC"
Windows version 5.1 SP 2.0 Service Pack 2 build 2600 SM=0x100 PT=0x1 WOW64
Info:    Starting registry scan.
Hidden:    registry item \HKEY_LOCAL_MACHINE\SAM\SAM\C
Hidden:    registry item \HKEY_LOCAL_MACHINE\SAM\SAM\ServerDomainUpdates
Hidden:    registry item \HKEY_LOCAL_MACHINE\SAM\SAM\Domains
Hidden:    registry item \HKEY_LOCAL_MACHINE\SAM\SAM\RXACT
Hidden:    registry item \HKEY_LOCAL_MACHINE\SECURITY\Policy
Hidden:    registry item \HKEY_LOCAL_MACHINE\SECURITY\RXACT
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\Audit\AuditPolicy\AuditPolicySD
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Lsa\Audit\AuditPolicy\AuditPolicySD
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Hidden:    registry item \HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Info:    Starting disk scan of C: (NTFS).
Hidden:    file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\haco-wasbobwokopf-xvid.avi
Hidden:    file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\haco-wasbobwokopf-xvid.nfo
Hidden:    file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\Kino.to - Best German Online Movies Platform.url
Hidden:    file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\Kostenloser_Usenetzugang.rar
Info:    Starting disk scan of D: (NTFS).
Info:    Starting disk scan of E: (NTFS).
Stopped logging on 27.11.2010 at 09:37:08
28.11.2010, 04:35
Moderator

Posts: 5694
#2 Hello and welcome to Protecus.de

Cleaning an infected system takes time and also requires attention to the following points:

• Follow the instructions of your helper.
• If you have external storage media (USB sticks, hard drives), connect them before the cleanup.
• During the cleanup, do not install or uninstall any programs unless explicitly asked to.
• Please work through each step in order.
• If problems come up at any step, post what you already have and report back with a description of the problem.


• The cleanup is only finished once the helper gives the OK.
• If the machine runs smoothly again, that does not mean the system is clean.
• For computers used for business, the responsible IT person should be brought in.
• Support from us may, under certain circumstances, be declined for a company computer.
• With illegal software there is the possibility that support will be discontinued.
• Cracks or keygens of any kind are neither encouraged nor accepted.
• With heavily infected systems, especially when backdoors or rootkits are involved, a helper may advise reinstalling the system.
• In the end, it is always the user who decides.


Vista and Win7 users:

Always run all programs and tools that we ask for by right-clicking and choosing Run as administrator.

Step 1

I see a problem here:

Quote

Hidden: file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\haco-wasbobwokopf-xvid.avi
Hidden: file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\haco-wasbobwokopf-xvid.nfo
Hidden: file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\Kino.to - Best German Online Movies Platform.url
Hidden: file C:\Users\SteelSeries\Desktop\PS2\Big.Stan.Kleiner.Arsch.ganz.gross.German.2007.AC3.DVDRip.XviD-QoM\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\SpongeBob.Schwammkopf.Was.Bob.Wo.Kopf.GERMAN.2009.DVDRiP.XviD-HACO\Kostenloser_Usenetzugang.rar
I won't ask now which SAFE source these came from.... but remove them if that is not the case.

Step 2

Cleanup with Malwarebytes' Anti-Malware (full scan)

Download Malwarebytes Anti-Malware (approx. 2 MB) from this download mirror:

Malwarebytes


* Applicable to Windows 2000, XP, Vista and Windows 7.
* Install the program to the default path.
* Remember to start the program as admin on Vista; otherwise start it with a double-click.
* Let it update online ("Updates" tab) if the program was already on the computer.
* Enable "Perform full scan" => Scan.
* Select all available drives and start the scan.
* When the scan has finished, click "Show Results".
* For detections in C:\System Volume Information, remove the check mark.
Otherwise that system restore point will no longer work.
It might still be needed despite the malware.
* Make sure that all other detections are checked and press "Delete".
* Post the log file, which opens in Notepad, here in the thread.
* You can find the report afterwards under "Scan reports".
* Report how the computer is running now.