| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: als startseite erscheint "http://www.searchqu.com/410"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.01.2012, 19:30
| #1 |
 |  als startseite erscheint "http://www.searchqu.com/410" Hallo, wer kann mir helfen, bei mir erscheint seit gestern die o.G. Startseite und ich kann diese toolbar leider nirgends entfernen. ich arbite mit einem xp rechner sp3 und norten 360 online, TuneUp2012 habe ich auch schon geladen was kann ich tun, außer das ich schon mal OTL.exe wie in einem anderen Tread beschrieben ausgeführt habe. hier die logfiles OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.01.2012 19:57:08 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\pechulri\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,89% Memory free 4,81 Gb Paging File | 3,29 Gb Available in Paging File | 68,37% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 48,83 Gb Total Space | 17,00 Gb Free Space | 34,81% Space Free | Partition Type: NTFS Drive E: | 78,12 Gb Total Space | 62,45 Gb Free Space | 79,94% Space Free | Partition Type: NTFS Drive F: | 58,59 Gb Total Space | 19,53 Gb Free Space | 33,33% Space Free | Partition Type: NTFS Computer Name: ULRICH | User Name: pechulri | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\pechulri\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Google\Google Talk Plugin\googletalkplugin.exe (Google) PRC - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Apps\2.0\WTBCN0WA.29T\K0P5W9YZ.2EC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe (AVM Berlin) PRC - c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\LVOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Memeo\AutoSync\MemeoAutoSync.exe (Memeo Inc.) PRC - C:\Programme\Memeo\AutoBackup\InstantBackup.exe () PRC - C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe () PRC - C:\Programme\ThinkPad\Utilities\SCHTASK.EXE (Lenovo Group Limited) PRC - C:\Programme\Norton 360\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation) PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) PRC - C:\WINDOWS\system32\acs.exe (Atheros) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Temp\{714D0442-8AD3-4618-B628-026BA8EDD31A}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe () PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) PRC - C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited) PRC - C:\Programme\Lenovo\LenovoCare\LPMLCHK.EXE (Lenovo Group Limited) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe () PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\ATK Hotkey\LFKA.exe (Lenovo) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\Programme\Lenovo\ATK Hotkey\LControl.exe (ATK0101) PRC - C:\Programme\Lenovo\ATK Hotkey\LFKAS.exe () PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) PRC - C:\Programme\Lenovo\ATK Hotkey\GFNEXSrv.exe () PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) PRC - C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Apps\2.0\WTBCN0WA.29T\K0P5W9YZ.2EC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.dll () MOD - C:\Programme\ASCOMP Software\Secure Eraser\SecEraser32.dll () MOD - C:\Programme\Memeo\AutoSync\providers\Memeo.Server.Providers.FileCopySyncProvider.dll () MOD - C:\Programme\Memeo\AutoSync\Memeo.Client.DriveDetection.dll () MOD - C:\Programme\Memeo\AutoSync\NamedPipes.dll () MOD - C:\Programme\Memeo\AutoBackup\de-DE\InstantBackup.resources.dll () MOD - C:\Programme\Memeo\AutoBackup\de-DE\Memeo.Client.UI.resources.dll () MOD - C:\Programme\Memeo\AutoBackup\Memeo.Client.UI.dll () MOD - C:\Programme\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll () MOD - C:\Programme\Memeo\AutoBackup\InstantBackup.exe () MOD - C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe () MOD - C:\Programme\ThinkPad\Utilities\DE-DE\PWMUIAux.resources.dll () MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRO.DLL () MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL () MOD - C:\Programme\ThinkPad\ConnectUtilities\AcWrpc.dll () MOD - C:\Programme\ThinkPad\ConnectUtilities\Res\GR\GUIHlprRes.dll () MOD - C:\Programme\ThinkPad\ConnectUtilities\Res\GR\SvcHlprRes.dll () MOD - C:\Programme\Memeo\AutoSync\sqlite3.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll () MOD - C:\Programme\Memeo\AutoBackup\sqlite3.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Temp\{714D0442-8AD3-4618-B628-026BA8EDD31A}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe () MOD - C:\Programme\Intel\WiFi\bin\iWMSProv.dll () MOD - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe () MOD - C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll () MOD - C:\Programme\Gemeinsame Dateien\Lenovo\CDRecord.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\Programme\Lenovo\ATK Hotkey\LFKAS.exe () MOD - C:\Programme\Lenovo\ATK Hotkey\GFNEXSrv.exe () MOD - C:\Programme\Lenovo\ATK Hotkey\AGFNEX.dll () MOD - C:\WINDOWS\system32\redmonnt.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (SUService) -- c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (SeagateDashboardService) -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo) SRV - (MemeoBackgroundService) -- C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo) SRV - (PwmEWSvc) -- C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe () SRV - (Power Manager DBC Service) -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe () SRV - (N360) -- C:\Programme\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation) SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo ) SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (acs) -- C:\WINDOWS\system32\acs.exe (Atheros) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (XYNTService) -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Temp\{714D0442-8AD3-4618-B628-026BA8EDD31A}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe () SRV - (WTGService) -- C:\Programme\Verbindungsassistent\WTGService.exe () SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (TVT Backup Protection Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe () SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (LFKAS) -- C:\Programme\Lenovo\ATK Hotkey\LFKAS.exe () SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) SRV - (ATKGFNEXSrv) -- C:\Programme\Lenovo\ATK Hotkey\GFNEXSrv.exe () SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (AVM IGD CTRL Service) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd) DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx86.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120104.002\IDSXpx86.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120104.032\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120104.032\NAVENG.SYS (Symantec Corporation) DRV - (avmaudio) -- C:\WINDOWS\system32\drivers\avmaudio.sys (AVM Berlin) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS (Lenovo Group Limited) DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys () DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.) DRV - (SymIMMP) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation) DRV - (SymIM) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS (Symantec Corporation) DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.) DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SYMTDI.SYS (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS (Symantec Corporation) DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Oracle Corporation) DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS (Symantec Corporation) DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited) DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS () DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation) DRV - (SipIMNDI) -- C:\WINDOWS\system32\drivers\SipIMNDI.sys (T-Systems International GmbH) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin) DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (DCamUSBGene) -- C:\WINDOWS\system32\drivers\USBSTK.sys () DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDAU32.sys (Conexant Systems Inc.) DRV - (IntcHdmiAddService) Intel(R) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\A0101X32.sys () DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (ASMMAP) -- C:\Programme\Lenovo\ATK Hotkey\ASMMAP.sys () DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) DRV - (CyUsbNT) -- C:\WINDOWS\system32\drivers\CyUsbNT.sys (Cypress Semiconductor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/410" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.8.7 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=" FF - prefs.js..network.proxy.backup.ftp: "ISA1" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "ISA1" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "ISA1" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "ISA1" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: F:\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.09.27 18:31:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2012.01.05 19:00:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2010.12.09 20:28:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2010.12.09 20:28:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Programme\Object\facetheme [2011.07.11 15:21:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.22 20:06:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.16 09:11:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Programme\Object\facetheme [2011.07.11 15:21:00 | 000,000,000 | ---D | M] [2012.01.02 18:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Extensions [2012.01.05 20:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\extensions [2012.01.02 18:15:55 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011.12.31 18:34:54 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\extensions\foxmarks@kei.com [2012.01.05 20:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\extensions\staged [2011.06.30 18:22:26 | 000,000,000 | ---D | M] (startup.service) -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\extensions\startup.service@mozilla.com [2010.02.10 10:47:18 | 000,000,903 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\searchplugins\conduit.xml [2010.12.05 15:10:44 | 000,001,734 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\searchplugins\search-the-web.xml [2012.01.02 18:15:46 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Mozilla\Firefox\Profiles\7i2d7f7v.default\searchplugins\Search_Results.xml [2012.01.02 18:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\PECHULRI\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\7I2D7F7V.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.12.22 20:06:48 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2011.11.05 04:38:54 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2011.11.05 04:38:54 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.11.05 04:38:54 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.02 18:15:46 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml [2011.11.05 04:38:54 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.11.05 04:38:54 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2001.08.18 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Facetheme) - {70C6E9DE-F30E-4A40-8A6F-9572C2328320} - C:\Programme\Object\bho_project.dll (InternetEngine) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LCONTROL] C:\Programme\Lenovo\ATK Hotkey\LCONTROL.exe (ATK0101) O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LFKA] C:\Programme\Lenovo\ATK Hotkey\LFKA.exe (Lenovo) O4 - HKLM..\Run: [LPMailChecker] C:\Programme\Lenovo\LenovoCare\LPMLCHK.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [Memeo AutoSync] C:\Programme\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.) O4 - HKLM..\Run: [Memeo Instant Backup] C:\Programme\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [Seagate Dashboard] C:\Programme\Seagate\Seagate Dashboard\MemeoLauncher.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\LVOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Apps\2.0\WTBCN0WA.29T\K0P5W9YZ.2EC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin) O4 - HKCU..\Run: [EPSON BX300F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [Facebook Update] C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [KiesHelper] C:\Programme\Samsung\Kies\KiesHelper.exe /s File not found O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [PCSpeedUp] C:\Programme\PC Beschleunigen\PCSpeedUp.lnk () O4 - HKCU..\Run: [PureSync] C:\Programme\PureSync\PureSyncTray.exe (Jumping Bytes) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6FA917A-EB5A-4E60-A07D-BF037F929FA0}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (tvt_gina.dll) -C:\WINDOWS\System32\tvt_gina.dll (Lenovo) O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) O20 - Winlogon\Notify\tphotkey: DllName - (C:\Programme\Lenovo\HOTKEY\tphklock.dll) - C:\Programme\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\excel.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\infopath.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\kies.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\memeolauncher.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\memeolauncher2.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mspub.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mstore.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\netzmanager.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\onenote.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\outlook.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\setup.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninstall.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninstaller.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\verbindungsassistent.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\winword.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.09.17 13:25:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011.11.25 15:10:57 | 000,794,934 | ---- | M] () - E:\auto.bmp -- [ NTFS ] O33 - MountPoints2\{8a12dd56-a3b5-11de-8fd0-cba0c9afc99d}\Shell - "" = AutoRun O33 - MountPoints2\{8a12dd56-a3b5-11de-8fd0-cba0c9afc99d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{8a12dd56-a3b5-11de-8fd0-cba0c9afc99d}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{b91b72eb-9853-11e0-93b3-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{b91b72eb-9853-11e0-93b3-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{b91b72eb-9853-11e0-93b3-002556cd848b}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{b91b72ec-9853-11e0-93b3-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{b91b72ec-9853-11e0-93b3-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{b91b72ec-9853-11e0-93b3-002556cd848b}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d9c65741-9843-11e0-93b2-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{d9c65741-9843-11e0-93b2-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d9c65741-9843-11e0-93b2-002556cd848b}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d9c65744-9843-11e0-93b2-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{d9c65744-9843-11e0-93b2-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d9c65744-9843-11e0-93b2-002556cd848b}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{e341fe76-a3a7-11de-8fcf-e38e18efe09d}\Shell - "" = AutoRun O33 - MountPoints2\{e341fe76-a3a7-11de-8fcf-e38e18efe09d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{e341fe76-a3a7-11de-8fcf-e38e18efe09d}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ebddcb4d-c4ea-11e0-93da-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{ebddcb4d-c4ea-11e0-93da-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ebddcb4d-c4ea-11e0-93da-002556cd848b}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{ebddcb50-c4ea-11e0-93da-002556cd848b}\Shell - "" = AutoRun O33 - MountPoints2\{ebddcb50-c4ea-11e0-93da-002556cd848b}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ebddcb50-c4ea-11e0-93da-002556cd848b}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.05 19:54:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\pechulri\Desktop\OTL.exe [2012.01.05 18:48:34 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2012.01.05 18:48:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012 [2012.01.05 18:48:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\TuneUp Software [2012.01.05 18:47:50 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012 [2012.01.05 18:47:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.01.05 18:47:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.01.05 18:36:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\searchquband [2012.01.05 18:36:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\AppData [2012.01.03 16:55:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess [2012.01.02 18:24:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Jodix [2012.01.02 18:24:21 | 000,000,000 | ---D | C] -- C:\Programme\Free WMA to MP3 Converter [2012.01.02 18:15:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\searchqutoolbar [2012.01.02 18:15:46 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar [2012.01.02 18:15:43 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX [2012.01.02 18:15:39 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll [2012.01.02 18:15:39 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll [2012.01.02 18:15:39 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll [2012.01.02 18:15:39 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll [2012.01.02 18:15:39 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll [2012.01.02 18:15:39 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll [2012.01.02 18:15:39 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll [2012.01.02 18:15:39 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll [2012.01.02 18:15:39 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL [2012.01.02 18:15:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL [2012.01.02 18:15:38 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL [2012.01.02 18:15:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll [2012.01.02 18:15:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL [2012.01.02 18:15:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL [2012.01.02 18:15:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\FreeAudioPack [2012.01.02 18:15:38 | 000,000,000 | ---D | C] -- C:\Programme\Free mp3 Wma Converter [2012.01.02 17:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\System32 [2011.12.18 11:43:22 | 000,000,000 | ---D | C] -- C:\PH-1003 EE SW [2011.12.16 15:28:33 | 000,000,000 | ---D | C] -- C:\Programme\PureSync [2011.12.16 15:28:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PureSync [2011.12.16 15:28:33 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Jumping Bytes [2011.12.14 19:44:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Temp [2011.12.14 18:30:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Samsung [2011.12.14 18:29:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Samsung [2011.12.14 18:29:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Eigene Dateien\samsung [2011.12.14 18:25:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Samsung [2011.12.14 18:25:24 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll [2011.12.14 18:24:59 | 000,000,000 | ---D | C] -- C:\Programme\MarkAny [2011.12.14 18:24:58 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll [2011.12.14 18:24:58 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys [2011.12.14 18:23:44 | 000,000,000 | ---D | C] -- C:\Programme\Samsung [2011.12.14 18:23:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2011.12.10 18:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2011.12.10 12:44:54 | 000,000,000 | ---D | C] -- C:\Ubuntu [2011.12.09 18:41:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\VirtualBox VMs [2011.12.09 18:03:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MemeoCommon [2011.12.09 18:00:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Memeo [2011.12.09 18:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Seagate [2011.12.09 18:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Seagate [2011.12.09 18:00:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Seagate Dashboard [2011.12.09 17:59:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ServiceTest [2011.12.09 17:59:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memeo [2011.12.09 17:59:16 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Memeo [2011.12.09 17:59:09 | 000,000,000 | ---D | C] -- C:\Programme\Memeo [2011.12.09 17:58:10 | 000,000,000 | ---D | C] -- C:\Programme\Seagate [7 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [42 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.05 19:54:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\pechulri\Desktop\OTL.exe [2012.01.05 19:21:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.01.05 19:08:54 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-1604221776-725345543-1003UA.job [2012.01.05 19:08:54 | 000,001,008 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-1604221776-725345543-1003Core.job [2012.01.05 19:08:52 | 000,001,222 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1604221776-725345543-1003UA.job [2012.01.05 19:08:52 | 000,001,170 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1604221776-725345543-1003Core.job [2012.01.05 19:08:18 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.01.05 19:02:05 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2012.01.05 19:01:21 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.01.05 19:01:18 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.01.05 18:59:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.01.05 18:58:23 | 000,555,706 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.01.05 18:58:23 | 000,505,182 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.01.05 18:58:23 | 000,116,876 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.01.05 18:58:23 | 000,089,028 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.01.05 18:48:30 | 000,001,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.01.05 18:48:30 | 000,001,759 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.01.05 18:36:18 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job [2012.01.04 20:58:04 | 000,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Desktop\Microsoft Office Word 2007.lnk [2012.01.04 20:48:30 | 000,084,992 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.03 19:09:49 | 000,002,505 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Desktop\Microsoft Office Excel 2007.lnk [2012.01.02 18:24:21 | 000,000,792 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\Desktop\Jodix Free WMA to MP3 Converter.lnk [2011.12.26 11:37:04 | 000,000,512 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job [2011.12.19 21:07:07 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.12.17 22:43:10 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2011.12.16 15:28:36 | 000,000,708 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PureSync.lnk [2011.12.15 19:19:23 | 000,300,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.12.14 18:39:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf [2011.12.14 17:36:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.12.14 12:23:40 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2011.12.13 17:53:26 | 000,002,652 | ---- | M] () -- C:\Dokumente und Einstellungen\pechulri\.recently-used.xbel [7 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [42 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.05 18:48:30 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.01.05 18:48:29 | 000,001,759 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.01.05 18:48:25 | 000,001,765 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk [2012.01.02 18:24:21 | 000,000,792 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Desktop\Jodix Free WMA to MP3 Converter.lnk [2012.01.02 18:15:39 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx [2011.12.16 15:28:35 | 000,000,708 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PureSync.lnk [2011.12.14 22:01:19 | 000,479,838 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1659004503-1604221776-725345543-1003-0.dat [2011.12.14 18:41:45 | 000,323,990 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2011.12.14 18:39:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf [2011.12.13 17:53:26 | 000,002,652 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\.recently-used.xbel [2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2011.09.21 22:34:56 | 001,313,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.09.05 20:20:16 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011.07.11 15:37:14 | 000,000,040 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib [2011.06.29 18:24:34 | 000,962,560 | ---- | C] () -- C:\WINDOWS\tesseract.exe [2011.05.12 18:42:22 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DcmLtbox-WS.ini [2010.05.23 21:17:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2010.05.23 21:17:04 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2010.03.09 16:39:19 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010.03.09 16:39:19 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2010.03.09 16:39:18 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2010.03.02 11:20:14 | 000,080,896 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe [2010.03.02 11:17:16 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2010.02.25 20:05:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll [2010.01.12 18:12:07 | 000,000,692 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\FASTWiz.html [2010.01.12 04:35:44 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010.01.02 19:26:32 | 000,097,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin [2009.12.30 12:36:45 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009.11.24 16:10:45 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\$_hpcst$.hpc [2009.10.16 15:38:48 | 000,196,608 | ---- | C] () -- C:\WINDOWS\PWMBTHLP.EXE [2009.10.08 16:21:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009.10.08 15:44:09 | 000,037,051 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Kommagetrennte Werte (DOS).ADR [2009.09.24 17:36:48 | 000,038,019 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR [2009.09.22 18:20:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2009.09.22 18:20:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe [2009.09.18 13:40:19 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2009.09.18 13:40:19 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2009.09.18 13:40:19 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2009.09.18 13:40:19 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2009.09.18 13:40:19 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2009.09.18 13:40:19 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2009.09.18 13:40:19 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2009.09.18 13:40:19 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2009.09.18 13:40:19 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2009.09.18 13:40:19 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2009.09.18 13:40:19 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2009.09.18 13:40:19 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2009.09.18 13:40:19 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2009.09.18 13:40:19 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2009.09.18 13:40:19 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2009.09.18 13:40:19 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2009.09.18 13:40:19 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2009.09.18 13:40:19 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2009.09.18 13:40:19 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009.09.18 13:38:30 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEBX300DEFGIPS.ini [2009.09.18 10:40:04 | 000,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\A0101X32.sys [2009.09.18 10:40:03 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\AABATT.dll [2009.09.18 09:41:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009.09.18 09:05:34 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys [2009.09.18 08:16:04 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll [2009.09.18 08:16:03 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2009.09.18 08:16:03 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2009.09.17 19:16:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009.09.17 17:15:08 | 000,084,992 | ---- | C] () -- C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.17 16:27:01 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009.09.17 15:55:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\stk2135bsrv.exe [2009.09.17 15:55:00 | 000,522,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTK1.sys [2009.09.17 15:55:00 | 000,299,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTK0.sys [2009.09.17 15:55:00 | 000,173,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTK.sys [2009.09.17 15:55:00 | 000,145,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTK2.sys [2009.09.17 15:55:00 | 000,025,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTK3.sys [2009.09.17 15:54:59 | 000,055,824 | ---- | C] () -- C:\WINDOWS\CamUnist.exe [2009.09.17 14:10:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009.09.17 14:08:56 | 000,300,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009.09.17 13:27:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009.09.17 13:21:51 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008.05.26 22:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008.05.26 22:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008.05.26 22:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008.05.26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008.05.26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2008.05.21 12:03:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll [2008.05.21 11:48:40 | 001,991,464 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2008.05.21 11:48:40 | 000,432,400 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2008.01.04 14:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL [2004.08.04 00:12:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2003.07.25 12:32:18 | 000,030,793 | ---- | C] () -- C:\WINDOWS\System32\crtslv.dll [2001.08.18 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.08.18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001.08.18 13:00:00 | 000,555,706 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2001.08.18 13:00:00 | 000,505,182 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001.08.18 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2001.08.18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001.08.18 13:00:00 | 000,116,876 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2001.08.18 13:00:00 | 000,089,028 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001.08.18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001.08.18 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2001.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001.08.18 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001.08.18 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998.06.09 04:00:00 | 000,244,984 | ---- | C] () -- C:\WINDOWS\System32\Tutil32.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DBC416F8 < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.01.2012 19:57:08 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\pechulri\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,89% Memory free
4,81 Gb Paging File | 3,29 Gb Available in Paging File | 68,37% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 17,00 Gb Free Space | 34,81% Space Free | Partition Type: NTFS
Drive E: | 78,12 Gb Total Space | 62,45 Gb Free Space | 79,94% Space Free | Partition Type: NTFS
Drive F: | 58,59 Gb Total Space | 19,53 Gb Free Space | 33,33% Space Free | Partition Type: NTFS
Computer Name: ULRICH | User Name: pechulri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend)
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation)
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\pechulri\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\pechulri\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Apps\2.0\WTBCN0WA.29T\K0P5W9YZ.2EC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Apps\2.0\WTBCN0WA.29T\K0P5W9YZ.2EC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Dokumente und Einstellungen\pechulri\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Programme\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe" = C:\Programme\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent -- (Axentra Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055B9AD2-48E1-462E-9992-814123063C46}" = Lenovo_ATK_Package
"{061A431C-86E7-4DB4-92B8-36DE783865CF}" = Integrated Camera
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{108A39BF-4ED1-4293-B11A-06BD521FB8F7}" = FreeOCR 3.0
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{153F529B-694F-44D7-8C90-E9036281B3E9}" = PureSync
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21C1A158-C4E3-49F0-80D8-DFB8C2D2C7D0}" = Jogger
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2C0B0C75-9DEB-400B-9C53-6461D38024DE}" = LIGA PRO 6.0
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test
"{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}" = PC Connectivity Solution
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Ergänzung zu Lenovo Care
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}" = System Migration Assistant
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi-Software
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon Kindle" = Amazon Kindle
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMWLANCLI" = AVM FRITZ!WLAN
"BOOKcook Bücherverwaltung_is1" = BOOKcook Bücherverwaltung 1.34.1
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON BX300F Series" = EPSON BX300F Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Office BX300F_TX300F Benutzerhandbuch" = EPSON Stylus Office BX300F_TX300F Handbuch
"facetheme" = Facetheme
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"FreeCommander_is1" = FreeCommander 2009.02b
"FRITZ!DSL" = AVM FRITZ!DSL
"GflAx_is1" = Uninstall GflAx
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"JDownloader" = JDownloader
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"MicroDicom" = MicroDicom 0.5.4
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360
"Netzmanager" = Netzmanager
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"Picasa 3" = Picasa 3
"Power Management Driver" = ThinkPad Power Management Driver for SL Series
"PureSync" = PureSync 3.5.0
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Secure Eraser_is1" = Secure Eraser v4.0
"SmartToolsClassic Menü 2010, 2007v1.50" = SmartTools Publishing • Word Classic Menü 2010, 2007
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TeamViewer 6" = TeamViewer 6
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Verbindungsassistent" = Verbindungsassistent
"VLC media player" = VLC media player 1.0.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Searchqu Toolbar" = Windows Searchqu Toolbar
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32646; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32648; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32649; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32682; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32684; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32685; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32720; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32774; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32828; so skip.
Error - 05.01.2012 13:38:04 | Computer Name = ULRICH | Source = PC-Doctor | ID = 1
Description = (5820) Asapi: (18:38:04:3280)(5820) PCDString - Error -- 1981 UTF8Decode()
-- unmatched char at position 32829; so skip.
[ System Events ]
Error - 29.12.2011 14:30:40 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:30:46 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:30:52 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:30:58 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:04 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:10 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:17 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:23 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:29 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.12.2011 14:31:35 | Computer Name = ULRICH | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report >
Gruß ulli Geändert von ahboss (05.01.2012 um 20:10 Uhr) |
| Themen zu als startseite erscheint "http://www.searchqu.com/410" |
| 0x00000001, als startseite, alternate, bandoo, conduit, entferne, eraser, erschein, erscheint, excel.exe, gestern, gfnexsrv.exe, google earth, http://www.searchqu.com/410, install.exe, intranet, intrusion prevention, jdownloader, lenovo, limited.com/facebook, microsoft office word, nirgends, norten, nt.dll, plug-in, rechner, remote control, searchqu toolbar, security update, seite, sp3, startseite, toolbar, trojaner, virtualbox, virus auf notebook, windows internet |
Baum-Darstellung