
Pests of all kinds and how to fight them: Starfenster.com virus

21.11.2012, 16:17   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are you kidding me?
First you say you won't tell us why you use it, and now it's supposedly not installed?

This is hardly a matter of fragments: it definitely still shows up in the software list, and the vsdatant driver still appears in the GMER log as well.
__________________
Please always post log files in CODE tags

21.11.2012, 16:58   #17
Chesspower88

I have no reason to mess with anyone! I made a mistake. Zone Alarm is still installed on my notebook, but no longer on my netbook, and all the current data refers to the netbook. Why Zone Alarm still shows up in some list or in the registry, I don't know.

21.11.2012, 17:06   #18
cosinus

What does that have to do with your notebook?
A thread here is always about one computer only, not several.

21.11.2012, 17:55   #19
Chesspower88

Yes, right. I already wrote that I made a mistake. The logs etc. are all from the netbook.

21.11.2012, 18:05   #20
cosinus

Um... ok...
It's just that as soon as I notice I'm dealing with two different computers in one thread, my head starts spinning.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Configure the tool as shown in the picture below: click change parameters and set the check marks as in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

21.11.2012, 21:01   #21
Chesspower88

Hello Cosinus


Here is the scan report from TDSSKiller.


Code:
20:55:15.0156 2544  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:55:15.0281 2544  ============================================================
20:55:15.0281 2544  Current date / time: 2012/11/21 20:55:15.0281
20:55:15.0281 2544  SystemInfo:
20:55:15.0281 2544  
20:55:15.0281 2544  OS Version: 5.1.2600 ServicePack: 3.0
20:55:15.0281 2544  Product type: Workstation
20:55:15.0281 2544  ComputerName: NETBOOK
20:55:15.0281 2544  UserName: Chesspower
20:55:15.0281 2544  Windows directory: C:\WINDOWS
20:55:15.0281 2544  System windows directory: C:\WINDOWS
20:55:15.0281 2544  Processor architecture: Intel x86
20:55:15.0281 2544  Number of processors: 2
20:55:15.0281 2544  Page size: 0x1000
20:55:15.0281 2544  Boot type: Normal boot
20:55:15.0281 2544  ============================================================
20:55:17.0015 2544  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:55:17.0015 2544  Drive \Device\Harddisk1\DR5 - Size: 0x1CD800000 (7.21 Gb), SectorSize: 0x200, Cylinders: 0x3AD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:55:17.0015 2544  ============================================================
20:55:17.0015 2544  \Device\Harddisk0\DR0:
20:55:17.0015 2544  MBR partitions:
20:55:17.0015 2544  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9FFAC0B
20:55:17.0015 2544  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9FFAC4A, BlocksNum 0x7A65CF5
20:55:17.0015 2544  \Device\Harddisk1\DR5:
20:55:17.0031 2544  MBR partitions:
20:55:17.0031 2544  \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xE6A000
20:55:17.0031 2544  ============================================================
20:55:18.0265 2544  D: <-> \Device\Harddisk0\DR0\Partition2
20:55:18.0265 2544  ============================================================
20:55:18.0265 2544  Initialize success
20:55:18.0265 2544  ============================================================
20:55:51.0734 2424  ============================================================
20:55:51.0734 2424  Scan started
20:55:51.0734 2424  Mode: Manual; SigCheck; TDLFS; 
20:55:51.0734 2424  ============================================================
20:55:53.0000 2424  ================ Scan system memory ========================
20:55:53.0015 2424  System memory - ok
20:55:53.0015 2424  ================ Scan services =============================
20:55:53.0046 2424  Abiosdsk - ok
20:55:53.0062 2424  abp480n5 - ok
20:55:53.0078 2424  ACPI - ok
20:55:53.0078 2424  ACPIEC - ok
20:55:53.0093 2424  AdobeFlashPlayerUpdateSvc - ok
20:55:53.0109 2424  adpu160m - ok
20:55:53.0125 2424  aec - ok
20:55:53.0125 2424  AFD - ok
20:55:53.0140 2424  Aha154x - ok
20:55:53.0140 2424  aic78u2 - ok
20:55:53.0156 2424  aic78xx - ok
20:55:53.0156 2424  Alerter - ok
20:55:53.0171 2424  ALG - ok
20:55:53.0187 2424  AliIde - ok
20:55:53.0187 2424  amsint - ok
20:55:53.0203 2424  AppMgmt - ok
20:55:53.0203 2424  AR5211 - ok
20:55:53.0218 2424  asc - ok
20:55:53.0234 2424  asc3350p - ok
20:55:53.0234 2424  asc3550 - ok
20:55:53.0265 2424  aspnet_state - ok
20:55:53.0265 2424  AsusACPI - ok
20:55:53.0281 2424  AsyncMac - ok
20:55:53.0281 2424  atapi - ok
20:55:53.0296 2424  Atdisk - ok
20:55:53.0296 2424  Atmarpc - ok
20:55:53.0312 2424  AudioSrv - ok
20:55:53.0328 2424  audstub - ok
20:55:53.0328 2424  AVerAF35 - ok
20:55:53.0343 2424  AVerRemote - ok
20:55:53.0343 2424  AVerScheduleService - ok
20:55:53.0359 2424  Beep - ok
20:55:53.0375 2424  BITS - ok
20:55:53.0375 2424  Browser - ok
20:55:53.0390 2424  btaudio - ok
20:55:53.0390 2424  BTDriver - ok
20:55:53.0406 2424  BTKRNL - ok
20:55:53.0421 2424  BTWDNDIS - ok
20:55:53.0421 2424  btwhid - ok
20:55:53.0437 2424  BTWUSB - ok
20:55:53.0437 2424  cbidf2k - ok
20:55:53.0453 2424  CCDECODE - ok
20:55:53.0453 2424  cd20xrnt - ok
20:55:53.0468 2424  Cdaudio - ok
20:55:53.0484 2424  Cdfs - ok
20:55:53.0484 2424  Cdrom - ok
20:55:53.0500 2424  Changer - ok
20:55:53.0500 2424  CiSvc - ok
20:55:53.0515 2424  ClipSrv - ok
20:55:53.0515 2424  clr_optimization_v2.0.50727_32 - ok
20:55:53.0531 2424  clr_optimization_v4.0.30319_32 - ok
20:55:53.0546 2424  CmBatt - ok
20:55:53.0546 2424  CmdIde - ok
20:55:53.0562 2424  Compbatt - ok
20:55:53.0578 2424  COMSysApp - ok
20:55:53.0593 2424  CPen - ok
20:55:53.0593 2424  Cpqarray - ok
20:55:53.0609 2424  CryptSvc - ok
20:55:53.0625 2424  dac2w2k - ok
20:55:53.0625 2424  dac960nt - ok
20:55:53.0640 2424  DcomLaunch - ok
20:55:53.0640 2424  Dhcp - ok
20:55:53.0656 2424  DirMngr - ok
20:55:53.0656 2424  Disk - ok
20:55:53.0671 2424  dmadmin - ok
20:55:53.0687 2424  dmboot - ok
20:55:53.0687 2424  dmio - ok
20:55:53.0703 2424  dmload - ok
20:55:53.0718 2424  dmserver - ok
20:55:53.0734 2424  DMusic - ok
20:55:53.0734 2424  Dnscache - ok
20:55:53.0750 2424  Dot3svc - ok
20:55:53.0750 2424  dpti2o - ok
20:55:53.0765 2424  drmkaud - ok
20:55:53.0781 2424  EapHost - ok
20:55:53.0781 2424  ElbyCDFL - ok
20:55:53.0796 2424  ElbyCDIO - ok
20:55:53.0812 2424  ERSvc - ok
20:55:53.0812 2424  Eventlog - ok
20:55:53.0828 2424  EventSystem - ok
20:55:53.0828 2424  Fastfat - ok
20:55:53.0843 2424  FastUserSwitchingCompatibility - ok
20:55:53.0843 2424  Fdc - ok
20:55:53.0859 2424  Fips - ok
20:55:53.0875 2424  Flpydisk - ok
20:55:53.0875 2424  FltMgr - ok
20:55:53.0890 2424  FontCache3.0.0.0 - ok
20:55:53.0890 2424  Fs_Rec - ok
20:55:53.0906 2424  Ftdisk - ok
20:55:53.0921 2424  Gpc - ok
20:55:53.0921 2424  gupdate - ok
20:55:53.0937 2424  gupdatem - ok
20:55:53.0937 2424  HDAudBus - ok
20:55:53.0953 2424  helpsvc - ok
20:55:53.0953 2424  HidServ - ok
20:55:53.0968 2424  HidUsb - ok
20:55:53.0984 2424  hkmsvc - ok
20:55:53.0984 2424  hpn - ok
20:55:54.0000 2424  HTTP - ok
20:55:54.0000 2424  HTTPFilter - ok
20:55:54.0015 2424  hwdatacard - ok
20:55:54.0031 2424  i2omgmt - ok
20:55:54.0046 2424  i2omp - ok
20:55:54.0046 2424  i8042prt - ok
20:55:54.0062 2424  ialm - ok
20:55:54.0078 2424  IDriverT - ok
20:55:54.0078 2424  idsvc - ok
20:55:54.0093 2424  Imapi - ok
20:55:54.0093 2424  ImapiService - ok
20:55:54.0109 2424  ini910u - ok
20:55:54.0125 2424  IntcAzAudAddService - ok
20:55:54.0125 2424  IntelIde - ok
20:55:54.0140 2424  intelppm - ok
20:55:54.0156 2424  Ip6Fw - ok
20:55:54.0156 2424  IpFilterDriver - ok
20:55:54.0171 2424  IpInIp - ok
20:55:54.0171 2424  IpNat - ok
20:55:54.0187 2424  IPSec - ok
20:55:54.0187 2424  IRENUM - ok
20:55:54.0203 2424  isapnp - ok
20:55:54.0218 2424  ISWKL - ok
20:55:54.0218 2424  ithsgt - ok
20:55:54.0234 2424  JavaQuickStarterService - ok
20:55:54.0250 2424  Kbdclass - ok
20:55:54.0250 2424  kbdhid - ok
20:55:54.0265 2424  kmixer - ok
20:55:54.0265 2424  KSecDD - ok
20:55:54.0281 2424  Ktp - ok
20:55:54.0296 2424  L1e - ok
20:55:54.0296 2424  LanmanServer - ok
20:55:54.0312 2424  lanmanworkstation - ok
20:55:54.0312 2424  Lavasoft Kernexplorer - ok
20:55:54.0328 2424  Lbd - ok
20:55:54.0328 2424  lbrtfdc - ok
20:55:54.0343 2424  lilsgt - ok
20:55:54.0359 2424  LmHosts - ok
20:55:54.0375 2424  MBAMProtector - ok
20:55:54.0453 2424  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:55:54.0734 2424  MBAMScheduler - ok
20:55:54.0796 2424  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
20:55:54.0937 2424  MBAMService - ok
20:55:54.0937 2424  Messenger - ok
20:55:54.0953 2424  Microsoft SharePoint Workspace Audit Service - ok
20:55:54.0953 2424  mnmdd - ok
20:55:54.0968 2424  mnmsrvc - ok
20:55:54.0968 2424  Modem - ok
20:55:54.0984 2424  Mouclass - ok
20:55:54.0984 2424  mouhid - ok
20:55:55.0000 2424  MountMgr - ok
20:55:55.0000 2424  MPE - ok
20:55:55.0015 2424  mraid35x - ok
20:55:55.0031 2424  MRxDAV - ok
20:55:55.0031 2424  MRxSmb - ok
20:55:55.0046 2424  MSDTC - ok
20:55:55.0062 2424  Msfs - ok
20:55:55.0062 2424  MSIServer - ok
20:55:55.0078 2424  MSKSSRV - ok
20:55:55.0078 2424  MSPCLOCK - ok
20:55:55.0093 2424  MSPQM - ok
20:55:55.0109 2424  mssmbios - ok
20:55:55.0109 2424  MSTEE - ok
20:55:55.0125 2424  Mup - ok
20:55:55.0140 2424  NABTSFEC - ok
20:55:55.0140 2424  napagent - ok
20:55:55.0156 2424  NDIS - ok
20:55:55.0156 2424  NdisIP - ok
20:55:55.0171 2424  NdisTapi - ok
20:55:55.0187 2424  Ndisuio - ok
20:55:55.0187 2424  NdisWan - ok
20:55:55.0203 2424  NDProxy - ok
20:55:55.0203 2424  NetBIOS - ok
20:55:55.0218 2424  NetBT - ok
20:55:55.0218 2424  NetDDE - ok
20:55:55.0234 2424  NetDDEdsdm - ok
20:55:55.0250 2424  Netlogon - ok
20:55:55.0250 2424  Netman - ok
20:55:55.0265 2424  NetTcpPortSharing - ok
20:55:55.0265 2424  Nla - ok
20:55:55.0281 2424  nosGetPlusHelper - ok
20:55:55.0281 2424  Npfs - ok
20:55:55.0296 2424  Ntfs - ok
20:55:55.0312 2424  NtLmSsp - ok
20:55:55.0312 2424  NtmsSvc - ok
20:55:55.0328 2424  Null - ok
20:55:55.0328 2424  NwlnkFlt - ok
20:55:55.0343 2424  NwlnkFwd - ok
20:55:55.0359 2424  ose - ok
20:55:55.0359 2424  osppsvc - ok
20:55:55.0375 2424  Parport - ok
20:55:55.0375 2424  PartMgr - ok
20:55:55.0390 2424  ParVdm - ok
20:55:55.0406 2424  PCI - ok
20:55:55.0406 2424  PCIDump - ok
20:55:55.0421 2424  PCIIde - ok
20:55:55.0421 2424  Pcmcia - ok
20:55:55.0437 2424  PDCOMP - ok
20:55:55.0437 2424  PDFRAME - ok
20:55:55.0453 2424  PDRELI - ok
20:55:55.0468 2424  PDRFRAME - ok
20:55:55.0468 2424  perc2 - ok
20:55:55.0484 2424  perc2hib - ok
20:55:55.0500 2424  PlugPlay - ok
20:55:55.0515 2424  PolicyAgent - ok
20:55:55.0531 2424  PptpMiniport - ok
20:55:55.0531 2424  ProtectedStorage - ok
20:55:55.0546 2424  PSched - ok
20:55:55.0546 2424  Ptilink - ok
20:55:55.0562 2424  PxHelp20 - ok
20:55:55.0562 2424  ql1080 - ok
20:55:55.0578 2424  Ql10wnt - ok
20:55:55.0578 2424  ql12160 - ok
20:55:55.0593 2424  ql1240 - ok
20:55:55.0609 2424  ql1280 - ok
20:55:55.0609 2424  RasAcd - ok
20:55:55.0625 2424  RasAuto - ok
20:55:55.0625 2424  Rasl2tp - ok
20:55:55.0640 2424  RasMan - ok
20:55:55.0640 2424  RasPppoe - ok
20:55:55.0656 2424  Raspti - ok
20:55:55.0671 2424  Rdbss - ok
20:55:55.0671 2424  RDPCDD - ok
20:55:55.0687 2424  RDPWD - ok
20:55:55.0718 2424  RDSessMgr - ok
20:55:55.0718 2424  redbook - ok
20:55:55.0734 2424  RemoteAccess - ok
20:55:55.0734 2424  RpcLocator - ok
20:55:55.0750 2424  RpcSs - ok
20:55:55.0765 2424  RSVP - ok
20:55:55.0765 2424  RT80x86 - ok
20:55:55.0781 2424  SamSs - ok
20:55:55.0781 2424  SbieDrv - ok
20:55:55.0796 2424  SbieSvc - ok
20:55:55.0796 2424  SCardSvr - ok
20:55:55.0812 2424  Schedule - ok
20:55:55.0812 2424  Secdrv - ok
20:55:55.0828 2424  seclogon - ok
20:55:55.0843 2424  SENS - ok
20:55:55.0843 2424  Serial - ok
20:55:55.0875 2424  Sfloppy - ok
20:55:55.0890 2424  SharedAccess - ok
20:55:55.0890 2424  ShellHWDetection - ok
20:55:55.0906 2424  Simbad - ok
20:55:55.0921 2424  SkypeUpdate - ok
20:55:55.0921 2424  SLIP - ok
20:55:55.0937 2424  Sparrow - ok
20:55:55.0953 2424  splitter - ok
20:55:55.0953 2424  Spooler - ok
20:55:55.0968 2424  sr - ok
20:55:55.0984 2424  srservice - ok
20:55:55.0984 2424  Srv - ok
20:55:56.0000 2424  SSDPSRV - ok
20:55:56.0093 2424  [ AB2B9349ADA4AC5EC74B622B8303FE23 ] StarWindService D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
20:55:56.0625 2424  StarWindService ( UnsignedFile.Multi.Generic ) - warning
20:55:56.0625 2424  StarWindService - detected UnsignedFile.Multi.Generic (1)
20:55:56.0640 2424  stisvc - ok
20:55:56.0640 2424  streamip - ok
20:55:56.0656 2424  swenum - ok
20:55:56.0656 2424  SwitchBoard - ok
20:55:56.0671 2424  swmidi - ok
20:55:56.0687 2424  SwPrv - ok
20:55:56.0687 2424  symc810 - ok
20:55:56.0718 2424  symc8xx - ok
20:55:56.0718 2424  sym_hi - ok
20:55:56.0734 2424  sym_u3 - ok
20:55:56.0734 2424  sysaudio - ok
20:55:56.0750 2424  SysmonLog - ok
20:55:56.0750 2424  TapiSrv - ok
20:55:56.0765 2424  Tcpip - ok
20:55:56.0781 2424  TDPIPE - ok
20:55:56.0781 2424  TDTCP - ok
20:55:56.0796 2424  TermDD - ok
20:55:56.0812 2424  TermService - ok
20:55:56.0812 2424  Themes - ok
20:55:56.0890 2424  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService D:\Programme\TomTom HOME 2\TomTomHOMEService.exe
20:55:56.0921 2424  TomTomHOMEService - ok
20:55:56.0921 2424  TosIde - ok
20:55:56.0937 2424  TrkWks - ok
20:55:56.0937 2424  truecrypt - ok
20:55:56.0953 2424  TuneUp.UtilitiesSvc - ok
20:55:56.0968 2424  TuneUpUtilitiesDrv - ok
20:55:56.0968 2424  Udfs - ok
20:55:56.0984 2424  ultra - ok
20:55:56.0984 2424  UnlockerDriver5 - ok
20:55:57.0000 2424  Update - ok
20:55:57.0000 2424  upnphost - ok
20:55:57.0015 2424  UPS - ok
20:55:57.0031 2424  usbccgp - ok
20:55:57.0031 2424  usbehci - ok
20:55:57.0046 2424  usbhub - ok
20:55:57.0046 2424  usbprint - ok
20:55:57.0062 2424  usbscan - ok
20:55:57.0062 2424  usbstor - ok
20:55:57.0078 2424  usbuhci - ok
20:55:57.0093 2424  usbvideo - ok
20:55:57.0093 2424  vax347b - ok
20:55:57.0109 2424  vax347s - ok
20:55:57.0109 2424  VgaSave - ok
20:55:57.0125 2424  ViaIde - ok
20:55:57.0125 2424  VolSnap - ok
20:55:57.0140 2424  Vsdatant - ok
20:55:57.0156 2424  vsmon - ok
20:55:57.0156 2424  VSS - ok
20:55:57.0171 2424  W32Time - ok
20:55:57.0187 2424  Wanarp - ok
20:55:57.0187 2424  WDICA - ok
20:55:57.0203 2424  wdmaud - ok
20:55:57.0203 2424  WebClient - ok
20:55:57.0218 2424  WinFLdrv - ok
20:55:57.0234 2424  winmgmt - ok
20:55:57.0250 2424  WmdmPmSN - ok
20:55:57.0265 2424  WmiApSrv - ok
20:55:57.0281 2424  WMPNetworkSvc - ok
20:55:57.0281 2424  WPFFontCache_v0400 - ok
20:55:57.0296 2424  wscsvc - ok
20:55:57.0312 2424  WSTCODEC - ok
20:55:57.0312 2424  wuauserv - ok
20:55:57.0328 2424  WudfPf - ok
20:55:57.0328 2424  WudfRd - ok
20:55:57.0343 2424  WudfSvc - ok
20:55:57.0359 2424  WZCSVC - ok
20:55:57.0359 2424  xmlprov - ok
20:55:57.0375 2424  ================ Scan global ===============================
20:55:57.0375 2424  [Global] - ok
20:55:57.0390 2424  ================ Scan MBR ==================================
20:55:57.0437 2424  [ 18527547771CD5C211704F6B2D21477B ] \Device\Harddisk0\DR0
20:55:58.0625 2424  \Device\Harddisk0\DR0 - ok
20:55:58.0625 2424  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR5
20:55:59.0062 2424  \Device\Harddisk1\DR5 - ok
20:55:59.0062 2424  ================ Scan VBR ==================================
20:55:59.0062 2424  [ FACCDDBC0061ED22A2206B9C896B15B0 ] \Device\Harddisk0\DR0\Partition1
20:55:59.0062 2424  \Device\Harddisk0\DR0\Partition1 - ok
20:55:59.0125 2424  [ 2261731DD88BA5A627D706FA0C7BC8E7 ] \Device\Harddisk0\DR0\Partition2
20:55:59.0125 2424  \Device\Harddisk0\DR0\Partition2 - ok
20:55:59.0125 2424  [ 223F8CBE5875E02EF0107BC298AAC878 ] \Device\Harddisk1\DR5\Partition1
20:55:59.0140 2424  \Device\Harddisk1\DR5\Partition1 - ok
20:55:59.0140 2424  ============================================================
20:55:59.0140 2424  Scan finished
20:55:59.0140 2424  ============================================================
20:55:59.0250 0484  Detected object count: 1
20:55:59.0250 0484  Actual detected object count: 1
20:56:36.0250 0484  StarWindService ( UnsignedFile.Multi.Generic ) - skipped by user
20:56:36.0250 0484  StarWindService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:58:51.0546 2368  Deinitialize success
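
An added example, not part of the original thread and not Kaspersky's code: a small Python triage script for a TDSSKiller report in the layout posted above. It lists every object whose status is not "ok" and checks that the only recorded user action is Skip, as requested in post #20; the function names and the shortened sample report are assumptions made for this illustration.

```python
import re
from collections import Counter, namedtuple

# Constructed sample: a shortened excerpt in the layout of the report above
# (hash lines and most "- ok" service lines are left out).
SAMPLE_REPORT = r"""
20:55:51.0734 2424  Scan started
20:55:51.0734 2424  Mode: Manual; SigCheck; TDLFS;
20:55:53.0000 2424  ================ Scan system memory ========================
20:55:53.0015 2424  System memory - ok
20:55:53.0015 2424  ================ Scan services =============================
20:55:53.0046 2424  Abiosdsk - ok
20:55:54.0312 2424  Lavasoft Kernexplorer - ok
20:55:56.0625 2424  StarWindService ( UnsignedFile.Multi.Generic ) - warning
20:55:56.0625 2424  StarWindService - detected UnsignedFile.Multi.Generic (1)
20:55:57.0140 2424  Vsdatant - ok
20:55:57.0375 2424  ================ Scan global ===============================
20:55:57.0375 2424  [Global] - ok
20:55:57.0390 2424  ================ Scan MBR ==================================
20:55:58.0625 2424  \Device\Harddisk0\DR0 - ok
20:55:59.0140 2424  Scan finished
20:55:59.0250 0484  Detected object count: 1
20:55:59.0250 0484  Actual detected object count: 1
20:56:36.0250 0484  StarWindService ( UnsignedFile.Multi.Generic ) - skipped by user
20:56:36.0250 0484  StarWindService ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# "<time> <thread id>  <message>" prefix carried by every report line.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
SECTION_RE = re.compile(r"^=+ Scan (?P<name>.+?) =+$")
HASH_RE = re.compile(r"^\[ [0-9A-Fa-f]{32} \]")  # "[ <hash> ] name path" lines
COUNT_RE = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION_RE = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$")
STATUS_RE = re.compile(
    r"^(?P<obj>.+?)(?: \( (?P<verdict>.+?) \))? - (?P<status>[A-Za-z]+)$")

Finding = namedtuple("Finding", "section object verdict status")


def parse_report(text):
    """Split a report into per-section scan counts, findings and user actions."""
    section, declared = None, None
    scanned, findings, actions = Counter(), [], {}
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        msg = line.group("msg").strip()
        if not msg or HASH_RE.match(msg):
            continue
        if (m := ACTION_RE.match(msg)):
            actions[m.group("obj")] = m.group("action")
        elif (m := SECTION_RE.match(msg)):
            section = m.group("name")
        elif (m := COUNT_RE.match(msg)):
            declared = int(m.group("n"))
        elif (m := STATUS_RE.match(msg)):
            scanned[section] += 1
            if m.group("status").lower() != "ok":
                findings.append(Finding(section, m.group("obj"),
                                        m.group("verdict"), m.group("status")))
    return {"scanned": scanned, "findings": findings,
            "actions": actions, "declared": declared}


def review(report):
    """Return the problems to raise before anything else is done on the machine."""
    problems = []
    findings, actions = report["findings"], report["actions"]
    # Heuristic: assumes one status line per detected object.
    if report["declared"] is not None and report["declared"] != len(findings):
        problems.append(
            f"report declares {report['declared']} objects, parsed {len(findings)}")
    for f in findings:
        if f.object not in actions:
            problems.append(f"no user action recorded for {f.object}")
    for obj, action in actions.items():
        if action.lower() != "skip":
            problems.append(f"{obj}: action {action!r} was taken instead of Skip")
    return problems


if __name__ == "__main__":
    rep = parse_report(SAMPLE_REPORT)
    for name, count in rep["scanned"].items():
        print(f"{name}: {count} objects scanned")
    for f in rep["findings"]:
        print(f"FINDING [{f.section}] {f.object}: {f.verdict} ({f.status})")
    print("problems:", review(rep) or "none")
```
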
         

21.11.2012, 21:06   #22
cosinus

adwCleaner - Detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You will also find the log file at C:\AdwCleaner[Rx].txt. (x = consecutive number)

21.11.2012, 21:46   #23
Chesspower88

Log file from AdwCleaner:

Code:
# AdwCleaner v2.008 - Datei am 21/11/2012 um 21:44:01 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Chesspower - NETBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Chesspower\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R5].txt - [686 octets] - [21/11/2012 21:44:01]

########## EOF - C:\AdwCleaner[R5].txt - [745 octets] ##########
         

22.11.2012, 10:10   #24
Chesspower88

Hello Cosinus


I took a screenshot here that shows that my Recycle Bin can no longer be accessed at all. To get there, I went to Recycle Bin and View Files under Cleanup. After that came the error message that can be seen in the JPEG file.

I researched this further and found instructions for restoring the registry key. However, I found that, according to these instructions, the registry key entry is present and correct: windows.anleiter.de/wie-kann-man-bei-windows-xp-den-papierkorb-wiederherstellen



Kind regards
Chesspower

Attached image: Starfenster.com Virus-papierkorbanwendung-meldung.jpg

Edited by Chesspower88 (22.11.2012 at 10:41)

22.11.2012, 13:11   #25
cosinus

We'll take care of the Recycle Bin later.

adwCleaner - Remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You will also find the log file at C:\AdwCleaner[Sx].txt. (x = consecutive number)

After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top centre, tick the box Scan all users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

22.11.2012, 15:02   #26
Chesspower88

Hello Cosinus

Here are the log files:

Log file AdwCleaner:

Code:
# AdwCleaner v2.008 - Datei am 22/11/2012 um 13:55:37 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Chesspower - NETBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Chesspower\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R5].txt - [813 octets] - [21/11/2012 21:44:01]
AdwCleaner[R6].txt - [872 octets] - [21/11/2012 23:34:00]
AdwCleaner[S4].txt - [806 octets] - [21/11/2012 23:34:37]

########## EOF - C:\AdwCleaner[S4].txt - [865 octets] ##########
         

OTL logfile:

OTL EXTRAS Logfile:
Code:
OTL logfile created on: 22.11.2012 14:02:23 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Chesspower\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1015,11 Mb Total Physical Memory | 388,03 Mb Available Physical Memory | 38,23% Memory free
2,39 Gb Paging File | 1,75 Gb Available in Paging File | 73,26% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 79,99 Gb Total Space | 39,36 Gb Free Space | 49,21% Space Free | Partition Type: NTFS
Drive D: | 61,20 Gb Total Space | 29,33 Gb Free Space | 47,93% Space Free | Partition Type: NTFS
Drive E: | 7,20 Gb Total Space | 5,30 Gb Free Space | 73,53% Space Free | Partition Type: FAT32
 
Computer Name: NETBOOK | User Name: Chesspower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Sandboxie\SandboxieDcomLaunch.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SandboxieCrypto.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SandboxieRpcSs.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Logox Anwendung für alle Programme\Logox 4 Erweiterung.exe ()
PRC - C:\Programme\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - D:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - D:\Programme\..........\............. (...... .........)
PRC - C:\Programme\GNU\GnuPG\dirmngr.exe ()
PRC - C:\Programme\FreeCommander\FreeCommander.exe (Marek Jasinski - www.FreeCommander.com)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Logox.4.0\Logox4.exe (G DATA Software AG)
PRC - D:\Programme\AtomSync\atomsync.exe (EmTec Innovative Software)
PRC - C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
PRC - C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
PRC - C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
PRC - C:\WINDOWS\system32\CNAB4RPK.EXE (CANON INC.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\38a190d849769ca2a9b174bd7253913c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avformat-54.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Logox Anwendung für alle Programme\Logox 4 Erweiterung.exe ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll ()
MOD - C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll ()
MOD - D:\Programme\ASCOMP Software\Secure Eraser\SecEraser32.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\GNU\GnuPG\dirmngr.exe ()
MOD - C:\Programme\GNU\GnuPG\gpgex.dll ()
MOD - C:\Programme\GNU\GnuPG\libgcrypt-11.dll ()
MOD - C:\Programme\GNU\GnuPG\libksba-8.dll ()
MOD - C:\Programme\GNU\GnuPG\libassuan-0.dll ()
MOD - C:\Programme\GNU\GnuPG\libgpg-error-0.dll ()
MOD - C:\Programme\GNU\GnuPG\libw32pth-0.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\MBControls.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\adxloader.dll ()
MOD - C:\Programme\Unlocker\UnlockerCOM.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Access.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Excel.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Outlook.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.FrontPage.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Word.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.PowerPoint.dll ()
MOD - D:\Programme\AtomSync\atomsyncgerman.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (vsmon) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUpPortable\App\TuneUp\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (TomTomHOMEService) -- D:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (DirMngr) -- C:\Programme\GNU\GnuPG\dirmngr.exe ()
SRV - (nosGetPlusHelper) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (SwitchBoard) -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (AVerScheduleService) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (AVerRemote) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (StarWindService) -- D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys File not found
DRV - (i2omgmt) --  File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (Changer) --  File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (btwhid) -- system32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTKRNL) -- system32\DRIVERS\btkrnl.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUpPortable\App\TuneUp\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (WinFLdrv) -- C:\WINDOWS\system32\WinFLdrv.sys ()
DRV - (.........) -- C:\WINDOWS\system32\drivers\........sys (...... .........)
DRV - (ithsgt) -- C:\WINDOWS\system32\drivers\ithsgt.sys ()
DRV - (lilsgt) -- C:\WINDOWS\system32\drivers\lilsgt.sys ()
DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys ()
DRV - (CPen) -- C:\WINDOWS\system32\drivers\CPen.sys ()
DRV - (AVerAF35) -- C:\WINDOWS\system32\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (AsusACPI) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
DRV - (RT80x86) -- C:\WINDOWS\system32\drivers\rt2860.sys (Ralink Technology, Corp.)
DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (vax347b) -- C:\WINDOWS\system32\drivers\vax347b.sys ( )
DRV - (vax347s) -- C:\WINDOWS\system32\drivers\vax347s.sys ( )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 9B F0 CC 2B 80 CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8E24A475-559D-4103-9D3D-2B25F9DE6637}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{E5B6578C-1902-4B8E-A5E7-93CFD055F1E6}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: {6bdc61ae-7b80-44a3-9476-e1d121ec2238}:0.85
FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=85d24ef2-bda8-4b2e-bc06-c686c5dfeb63&affid=111585&searchtype=ds&babsrc=lnkry&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Programme\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.09.15 16:35:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.06 10:18:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.08.14 16:13:06 | 000,000,000 | ---D | M]
 
[2011.11.01 07:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions
[2010.02.24 18:41:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2010.02.17 20:03:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
[2012.09.15 14:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions
[2012.09.15 11:55:23 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.14 17:04:55 | 000,073,384 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
[2012.08.14 16:59:05 | 000,741,958 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.15 12:27:46 | 000,002,455 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\searchplugins\Web Search.xml
[2012.08.14 16:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 01:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 01:45:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll
CHR - plugin: Free Studio (Enabled) = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U19 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Programme\NOS\bin\np_gp.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Translate = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Stylish = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: AdBlock = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: Freemake Video Converter = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: FVD Video Downloader = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.4.0_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: ScriptNo = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Black Black Chrome Theme Purple Highlight = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pnhjkffljijlebgbmppbgeoikaafbbek\3.4_0\
 
O1 HOSTS File: ([2011.10.14 15:53:40 | 000,000,030 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (WebSpeechBHO Class) - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\IEPro\IEProRecorder.dll ()
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ETDWareDetect] C:\Programme\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
O4 - HKCU..\Run: [AtomSync] D:\Programme\AtomSync\atomsync.exe (EmTec Innovative Software)
O4 - HKCU..\Run: [..........] D:\Programme\..........\...........exe (....................)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SuperHybridEngine.lnk = C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra 'Tools' menuitem : Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: bol.de ([ssl] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: diplompsychopath.de ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8590F2B-3C27-43D3-B287-CE6F480E4C98}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.08.11 15:19:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0dc6623c-0464-11df-be98-89da0bd2538e}\Shell - "" = AutoRun
O33 - MountPoints2\{0dc6623c-0464-11df-be98-89da0bd2538e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell - "" = AutoRun
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell - "" = AutoRun
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b186e2f8-1339-11df-bea2-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{b186e2f8-1339-11df-bea2-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.22 13:57:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe
[2012.11.20 16:44:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Reinigungs Tools Trojaner Board
[2012.11.12 02:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software
[2012.11.12 02:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.11.12 01:52:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.11.11 23:07:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.11.11 23:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.11.08 15:10:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Neue PDF-Bücher
[2012.11.06 16:42:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\.kde
[2012.11.02 19:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FreeCommander
[2012.11.02 19:14:18 | 000,000,000 | ---D | C] -- C:\Programme\FreeCommander
[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\CDRip.dll
[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\No23 Recorder.exe
[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\basscd.dll
[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\bass.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.22 13:57:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe
[2012.11.22 09:46:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.22 09:24:01 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.22 09:09:46 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.22 09:09:44 | 000,000,021 | ---- | M] () -- C:\WINDOWS\S.dirmngr
[2012.11.22 09:09:43 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\...........job
[2012.11.22 09:09:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.22 09:09:30 | 1064,493,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.21 21:40:25 | 000,134,278 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG
[2012.11.20 15:50:12 | 000,091,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.20 02:00:12 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NETBOOK-Chesspower.job
[2012.11.17 08:32:55 | 003,707,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.16 16:47:44 | 000,543,502 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.16 16:47:44 | 000,515,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.16 16:47:44 | 000,112,588 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.16 16:47:44 | 000,093,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.16 16:14:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.15 12:45:34 | 000,060,396 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dudenbib.wav
[2012.11.14 01:22:23 | 000,002,262 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.11.12 02:31:40 | 000,000,245 | -HS- | M] () -- C:\boot.ini
[2012.11.11 20:48:13 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.02 19:14:24 | 000,000,726 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\FreeCommander.lnk
[2012.10.28 13:16:25 | 000,000,648 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.22 09:09:44 | 000,000,021 | ---- | C] () -- C:\WINDOWS\S.dirmngr
[2012.11.21 21:38:03 | 000,134,278 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG
[2012.11.16 16:14:50 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.11.11 21:15:27 | 1064,493,056 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.02 19:14:24 | 000,000,726 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\FreeCommander.lnk
[2012.10.28 13:16:25 | 000,000,648 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 21:06:07 | 003,707,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.08 00:07:07 | 000,001,654 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
[2012.08.31 17:56:49 | 000,000,580 | ---- | C] () -- C:\WINDOWS\bowili50.ini
[2012.06.29 14:38:32 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2012.06.29 14:14:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\TETRIS.INI
[2012.05.03 03:54:46 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.12.14 09:13:41 | 000,002,262 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011.12.05 08:40:31 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2011.12.01 22:54:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\WinVd32.sys
[2011.12.01 22:53:58 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\WinFLsrv.exe
[2011.10.01 06:27:39 | 003,939,799 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1837522073-1451763235-2411524056-1006-0.dat
[2011.10.01 06:27:36 | 000,491,478 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.09.24 01:18:25 | 000,060,396 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dudenbib.wav
[2011.09.13 20:23:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.09.13 20:23:29 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.06.25 21:19:29 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.25 17:18:30 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2011.06.12 09:30:25 | 000,000,613 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011.04.23 16:30:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.23 16:30:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.04.08 23:00:41 | 000,000,209 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2011.04.08 22:41:08 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2011.04.08 22:41:08 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2011.04.08 22:41:02 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2011.04.08 22:41:01 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2011.04.08 22:41:01 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2011.04.08 22:41:01 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2011.04.08 22:41:01 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2011.04.08 22:41:01 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2011.04.08 22:41:01 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2011.03.17 06:37:49 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.03.16 18:51:31 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\CPen.sys
[2011.01.19 21:52:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA4.INI
[2010.12.29 16:23:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.12.22 08:16:24 | 000,000,041 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.12.22 08:10:04 | 000,000,072 | ---- | C] () -- C:\WINDOWS\GLASAUTO.INI
[2010.12.20 18:24:06 | 000,000,984 | ---- | C] () -- C:\WINDOWS\STA2.ini
[2010.12.20 11:58:39 | 000,000,740 | ---- | C] () -- C:\WINDOWS\EF2.INI
[2010.12.20 09:27:05 | 000,001,066 | ---- | C] () -- C:\WINDOWS\EF.ini
[2010.12.20 06:12:58 | 000,000,969 | ---- | C] () -- C:\WINDOWS\STBC.ini
[2010.12.19 21:44:31 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010.12.19 20:26:53 | 000,162,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ithsgt.sys
[2010.12.19 20:26:52 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\lilsgt.sys
[2009.12.17 18:53:43 | 000,091,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.17 17:14:34 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\lame_enc.dll
[2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbisenc.dll
[2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbisfile.dll
[2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbis.dll
[2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\ogg.dll
[2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\no23xwrapper.dll
 
========== ZeroAccess Check ==========
 
[2008.08.11 17:46:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.06.26 09:12:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.12.19 23:47:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVerTV
[2009.12.21 14:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BIFAB
[2011.04.19 16:58:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BOINC
[2009.12.22 14:06:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.12.22 14:16:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2011.11.15 15:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2010.06.13 09:51:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ChessBase
[2011.10.01 06:22:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Duden
[2009.12.17 20:44:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EmTec
[2011.11.29 16:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake
[2012.06.21 08:01:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GNU
[2012.11.11 20:09:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.11.28 10:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2009.12.26 23:48:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\page
[2012.09.07 18:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pamela
[2011.10.14 20:06:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2011.11.26 17:20:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2011.11.22 10:59:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.02.24 18:45:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2010.01.04 23:40:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\..........
[2012.11.12 02:04:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.11.11 23:07:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.09.15 09:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YTD Video Downloader
[2010.03.07 13:26:05 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.12.01 21:53:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\aborange
[2011.11.21 11:28:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\ASCOMP Software
[2011.03.16 18:58:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\C Technologies
[2009.12.22 14:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Canon
[2010.08.07 05:35:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\CheckPoint
[2012.09.02 17:07:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\ChessBase
[2012.01.25 22:58:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Contact Sheet Generator
[2012.01.06 10:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DDMSettings
[2011.10.01 06:27:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Duden
[2012.10.01 17:03:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoft
[2012.10.01 17:02:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers
[2012.11.06 17:15:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\gnupg
[2010.11.20 21:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\GrabPro
[2010.11.21 09:40:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\IEPro
[2012.09.16 09:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\IrfanView
[2011.11.28 10:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\MAGIX
[2009.12.20 10:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\MiniDm
[2012.09.07 22:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Pamela
[2011.10.18 12:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.01.01 09:10:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TeamViewer
[2009.12.17 17:29:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Template
[2010.02.24 18:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TomTom
[2011.11.25 21:17:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Trillian
[2012.10.30 17:16:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\..........
[2012.10.31 23:36:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TS3Client
[2012.11.12 02:04:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software
[2012.11.11 23:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2011.02.17 17:30:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Windows Search
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012.11.17 22:57:29 | 023,642,625 | ---- | M] ()(C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka ???????-???????.mp4) -- C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka Калинка-Малинка.mp4
[2012.11.17 22:56:40 | 023,642,625 | ---- | C] ()(C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka ???????-???????.mp4) -- C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka Калинка-Малинка.mp4
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34
@Alternate Data Stream - 304 bytes -> C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG:SummaryInformation
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:7C5E7AAACDC5A5EB

< End of report >
         

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 22.11.2012 14:02:23 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Chesspower\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1015,11 Mb Total Physical Memory | 388,03 Mb Available Physical Memory | 38,23% Memory free
2,39 Gb Paging File | 1,75 Gb Available in Paging File | 73,26% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 79,99 Gb Total Space | 39,36 Gb Free Space | 49,21% Space Free | Partition Type: NTFS
Drive D: | 61,20 Gb Total Space | 29,33 Gb Free Space | 47,93% Space Free | Partition Type: NTFS
Drive E: | 7,20 Gb Total Space | 5,30 Gb Free Space | 73,53% Space Free | Partition Type: FAT32
 
Computer Name: NETBOOK | User Name: Chesspower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe Photoshop\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Trillian\plugins\skypekit.exe" = C:\Programme\Trillian\plugins\skypekit.exe:*:Enabled:skypekit -- ()
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"D:\Programme\Xfire\Xfire.exe" = D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)
"D:\Programme\SimCity 3000 Deutschland\Apps\Updater\UPDATER.EXE" = D:\Programme\SimCity 3000 Deutschland\Apps\Updater\UPDATER.EXE:*:Disabled:SC3UpdaterMFC -- ()
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype  -- (Skype Technologies S.A.)
"D:\Programme\PC Games\Call of Duty 2\CoD2MP_s.exe" = D:\Programme\PC Games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"D:\Programme\PC Games\Call of Duty\CoDMP.exe" = D:\Programme\PC Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"(De)Coder_is1" = (De)Coder 4.1 Public Beta 4b
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0314ED3D-26A7-4F62-86A2-6B23353445E8}" = Star Wars Galactic Battlegrounds: Clone Campaigns
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E5C4DE6-101B-11D6-986D-00500443CF9F}" = Sven Bømwøllen DL
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{134B5C7C-C390-466E-B99E-181C8C057AAA}" = C-Pen Core
"{168DB6F5-0A4E-11D4-A497-444553540000}" = Fritz6
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.2
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{245F5D2D-6F34-4970-B8D7-D6F3C3C07575}" = ZoneAlarm Firewall
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D2BBFC7-C0B7-4991-926F-BFC30013512C}" = GEOgraf System Runtime Components
"{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key
"{6E554A6F-7BA1-4FCE-ABFA-430A24631111}" = Duden Korrektor Patch 022010
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96ACE4A4-C769-47D2-9FCE-4F46754857E7}" = ZoneAlarm Security
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B5D7FA6-9E73-426E-81C4-2C8FE5ACFBEF}" = Duden Korrektor
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A202BDBA-753F-41B9-B649-CFB0B45FC03E}" = Star Wars Galactic Battlegrounds
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAEBA159-3D7A-4C3C-B2EA-35A627506606}" = Fritz11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B1B70A3A-0B76-4188-B9E0-5F166680D41D}" = Rybka 3 Dynamic
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{BA10AC78-E687-4523-8B93-540428FC256F}" = Fahrenheit
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}" = ILLUSION RapeLay
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DBE79C99-F6CA-42B4-A37F-8BCA3BD086F8}" = Logox 4 Professional
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =             
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF67AE1A-6B31-4C98-91A9-F195D8702150}" = Google Drive
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F33B1B21-BFF7-47D6-9047-8BA8357FB44F}" = Rybka 3 Dynamic
"{F6CCD38C-8298-4F7B-91C5-C8DED0B24E5A}" = Fritz 12
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF895069-BD9A-11D5-986D-00500443CF9F}" = Moorhuhn 3 DL
"aborange Crypter_is1" = aborange Crypter - Deinstallation
"Access 97rt PAN EURO G" = Access 97rt PAN EURO G
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AtomSync" = AtomSync
"Audacity_is1" = Audacity 1.2.6
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.43
"Bridge Commander" = Star Trek Bridge Commander
"Canon LBP2900" = Canon LBP2900
"Canon MX330 series Benutzerregistrierung" = Canon MX330 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CD890B33C151F0A9940A3982594354969B729745" = Windows-Treiberpaket - C Technologies AB (CPen) Input Pen  (02/22/2010 3.0.0.2)
"Celestia_is1" = Celestia 1.6.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneCD" = CloneCD
"D-i-v-X - AVI Codec Pack Pro" = D-i-v-X AVI Codec Pack Pro 2.4.0
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Elantech" = ETDWare PS/2-x86 7.0.3.8 WHQL 03Sep08
"Elite Force" = Elite Force
"Emperor" = Emperor - Schlacht um Dune
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.31.917
"FreeCommander_is1" = FreeCommander 2009.02b
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.1
"Gehirnjogging - Special Edition" = Gehirnjogging - Special Edition
"Gehirnjogging 2" = Gehirnjogging 2
"Google Chrome" = Google Chrome
"GPG4Win" = Gpg4win (2.1.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IE7Pro" = IE7Pro
"IE7ProSpellCheckDictionary_is1" = Spelling Check Dictionary From OpenOffice.org
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"lgx4.lgx.server" = G DATA Logox 4 Speechengine
"LHTTSENG" = L&H TTS3000 British English
"LHTTSGED" = L&H TTS3000 Deutsch
"LucasArts' Rogue Squadron" = LucasArts Rogue Squadron
"LucasArts' Shadows of the Empire (full game)" = LucasArts' Shadows of the Empire (full game)
"LucasArts' Star Wars: Episode I Racer" = LucasArts Star Wars: Episode I Racer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Pamela" = Pamela Pro 4.8
"PC-Fahrschule" = PC-Fahrschule
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"Recuva" = Recuva
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"Sandboxie" = Sandboxie 3.74 (32-bit)
"Secure Eraser_is1" = Secure Eraser v4.0
"SimCity 3000 Deutschland" = SimCity 3000 Deutschland
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Star Trek Armada II" = Star Trek Armada II
"Star Trek Elite Force II" = Star Trek Elite Force II
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TomTom HOME" = TomTom HOME 2.8.3.2499
"Trillian" = Trillian
".........." = .........
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Unlocker" = Unlocker 1.9.1
"VeryPDF PDF2Word v3.0_is1" = VeryPDF PDF2Word v3.0
"VLC media player" = VLC media player 1.1.11
"Warzone 2100" = Warzone 2100
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"ws4.webspeech" = G DATA WebSpeech 4
"Xfire" = Xfire (remove only)
"Yuri's Revenge" = Command && Conquer Alarmstufe Rot 2 - Yuris Rache
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ AKG_DGMNet Events ]
Error - 10.03.2011 11:22:15 | Computer Name = NETBOOK | Source = AKG_DGMNet | ID = 0
Description = There was an error generating the XML document.
 
Error - 10.03.2011 11:22:15 | Computer Name = NETBOOK | Source = AKG_DGMNet | ID = 0
Description =    at System.Xml.Serialization.XmlSerializer.Serialize(XmlWriter xmlWriter,
 Object o, XmlSerializerNamespaces namespaces, String encodingStyle, String id)   
  at System.Xml.Serialization.XmlSerializer.Serialize(TextWriter textWriter, Object
 o, XmlSerializerNamespaces namespaces)     at System.Xml.Serialization.XmlSerializer.Serialize(TextWriter
 textWriter, Object o)     at AKG_DGMNet.DGMVerwaltung.UCVerwaltung.Serialize(String
 FileName)
 
[ Application Events ]
Error - 22.09.2012 15:29:18 | Computer Name = NETBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes
 Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d.
 
Error - 22.09.2012 15:29:22 | Computer Name = NETBOOK | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 223874319.
 
Error - 22.09.2012 15:30:41 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 22.09.2012 15:30:42 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 22.09.2012 15:30:52 | Computer Name = NETBOOK | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 734037209.
 
Error - 15.10.2012 14:17:51 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.62.0.87, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.10.2012 15:00:12 | Computer Name = NETBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oneclickstarter.exe, Version 9.0.3000.52,
 fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb.
 
Error - 11.11.2012 19:23:02 | Computer Name = NETBOOK | Source = Userenv | ID = 1512
Description = Die Registrierungsdatei konnte nicht entladen werden. Der für die 
Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dies wird oft 
durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen
 Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
 Wenden Sie sich an den Netzwerkadministrator, wenn das Problem weiterhin besteht.
       Details - Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.
 
 
Error - 12.11.2012 16:34:29 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung tbb-firefox.exe, Version 10.0.10.4681, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 20.11.2012 10:41:29 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Undelete.exe, Version 12.0.3010.5, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 21.11.2012 16:09:47 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
Error - 21.11.2012 18:36:11 | Computer Name = NETBOOK | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 21.11.2012 18:36:19 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%3
 
Error - 21.11.2012 18:36:19 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 21.11.2012 18:36:22 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
Error - 21.11.2012 18:36:40 | Computer Name = NETBOOK | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Atheros AR5007EG Wireless Network Adapter" (PCI\VEN_168C&DEV_001C&SUBSYS_10261A3B&REV_01\4&37028e5f&0&00E3)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 22.11.2012 04:09:57 | Computer Name = NETBOOK | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 22.11.2012 04:10:05 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%3
 
Error - 22.11.2012 04:10:05 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 22.11.2012 04:10:07 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
[ TuneUp Events ]
Error - 16.11.2010 17:07:09 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 17:07:09 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:11 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:12 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:12 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 01.12.2011 19:25:00 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
--- --- ---

Alt 22.11.2012, 15:07   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Code:
Scan Mode: Current user
         
You forgot to tick "Scan all users"! Please create the log again, properly this time.

Quote:
PRC - D:\Programme\..........\............. (...... .........)
What did you redact there?!
Please redact only complete first and last names, not first names when they appear without a last name.

Code:
O1 - Hosts: 127.0.0.1 secure.tune-up.com
         
What is that supposed to be, and what is it for?
__________________
Please always post log files in CODE tags

Alt 22.11.2012, 16:35   #28
Chesspower88
 
Hello Cosinus

Sorry for the mistakes.

--------------------------------------------------------
The last one doesn't mean anything to me:

Code:
O1 - Hosts: 127.0.0.1 secure.tune-up.com
         
Edit: It seems to be from TuneUp.
--------------------------------------------------------

Here are the logs again:

Code:
OTL logfile created on: 22.11.2012 16:20:14 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Chesspower\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1015,11 Mb Total Physical Memory | 357,11 Mb Available Physical Memory | 35,18% Memory free
2,39 Gb Paging File | 1,74 Gb Available in Paging File | 72,84% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 79,99 Gb Total Space | 39,30 Gb Free Space | 49,13% Space Free | Partition Type: NTFS
Drive D: | 61,20 Gb Total Space | 29,33 Gb Free Space | 47,93% Space Free | Partition Type: NTFS
Drive E: | 7,20 Gb Total Space | 5,30 Gb Free Space | 73,53% Space Free | Partition Type: FAT32
 
Computer Name: NETBOOK | User Name: Chesspower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Sandboxie\SandboxieDcomLaunch.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SandboxieCrypto.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SandboxieRpcSs.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Logox Anwendung für alle Programme\Logox 4 Erweiterung.exe ()
PRC - C:\Programme\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - D:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - D:\Programme\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
PRC - C:\Programme\GNU\GnuPG\dirmngr.exe ()
PRC - C:\Programme\FreeCommander\FreeCommander.exe (Marek Jasinski - www.FreeCommander.com)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Logox.4.0\Logox4.exe (G DATA Software AG)
PRC - D:\Programme\AtomSync\atomsync.exe (EmTec Innovative Software)
PRC - C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
PRC - C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
PRC - C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\sndvol32.exe (Microsoft Corporation)
PRC - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
PRC - C:\WINDOWS\system32\CNAB4RPK.EXE (CANON INC.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\38a190d849769ca2a9b174bd7253913c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avformat-54.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Logox Anwendung für alle Programme\Logox 4 Erweiterung.exe ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll ()
MOD - C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll ()
MOD - D:\Programme\ASCOMP Software\Secure Eraser\SecEraser32.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\GNU\GnuPG\dirmngr.exe ()
MOD - C:\Programme\GNU\GnuPG\gpgex.dll ()
MOD - C:\Programme\GNU\GnuPG\libgcrypt-11.dll ()
MOD - C:\Programme\GNU\GnuPG\libksba-8.dll ()
MOD - C:\Programme\GNU\GnuPG\libassuan-0.dll ()
MOD - C:\Programme\GNU\GnuPG\libgpg-error-0.dll ()
MOD - C:\Programme\GNU\GnuPG\libw32pth-0.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\MBControls.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\adxloader.dll ()
MOD - C:\Programme\Unlocker\UnlockerCOM.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Access.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Excel.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Outlook.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.FrontPage.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.Word.dll ()
MOD - C:\Programme\Duden\Duden Korrektor\Interop.PowerPoint.dll ()
MOD - D:\Programme\AtomSync\atomsyncgerman.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (vsmon) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUpPortable\App\TuneUp\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (TomTomHOMEService) -- D:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (DirMngr) -- C:\Programme\GNU\GnuPG\dirmngr.exe ()
SRV - (nosGetPlusHelper) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (SwitchBoard) -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (AVerScheduleService) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (AVerRemote) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (StarWindService) -- D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys File not found
DRV - (i2omgmt) --  File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (Changer) --  File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (btwhid) -- system32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTKRNL) -- system32\DRIVERS\btkrnl.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUpPortable\App\TuneUp\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (WinFLdrv) -- C:\WINDOWS\system32\WinFLdrv.sys ()
DRV - (truecrypt) -- C:\WINDOWS\system32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (ithsgt) -- C:\WINDOWS\system32\drivers\ithsgt.sys ()
DRV - (lilsgt) -- C:\WINDOWS\system32\drivers\lilsgt.sys ()
DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys ()
DRV - (CPen) -- C:\WINDOWS\system32\drivers\CPen.sys ()
DRV - (AVerAF35) -- C:\WINDOWS\system32\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (AsusACPI) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
DRV - (RT80x86) -- C:\WINDOWS\system32\drivers\rt2860.sys (Ralink Technology, Corp.)
DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (vax347b) -- C:\WINDOWS\system32\drivers\vax347b.sys ( )
DRV - (vax347s) -- C:\WINDOWS\system32\drivers\vax347s.sys ( )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 9B F0 CC 2B 80 CA 01  [binary data]
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\SearchScopes\{8E24A475-559D-4103-9D3D-2B25F9DE6637}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\SearchScopes\{E5B6578C-1902-4B8E-A5E7-93CFD055F1E6}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: {6bdc61ae-7b80-44a3-9476-e1d121ec2238}:0.85
FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=85d24ef2-bda8-4b2e-bc06-c686c5dfeb63&affid=111585&searchtype=ds&babsrc=lnkry&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Programme\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.09.15 16:35:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.06 10:18:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.08.14 16:13:06 | 000,000,000 | ---D | M]
 
[2011.11.01 07:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions
[2010.02.24 18:41:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2010.02.17 20:03:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
[2012.09.15 14:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions
[2012.09.15 11:55:23 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.14 17:04:55 | 000,073,384 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
[2012.08.14 16:59:05 | 000,741,958 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.15 12:27:46 | 000,002,455 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Mozilla\Firefox\Profiles\v77mquqc.default\searchplugins\Web Search.xml
[2012.08.14 16:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 01:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 01:45:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll
CHR - plugin: Free Studio (Enabled) = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U19 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Programme\NOS\bin\np_gp.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Translate = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Stylish = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: AdBlock = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: Freemake Video Converter = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: FVD Video Downloader = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.4.0_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: ScriptNo = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Black Black Chrome Theme Purple Highlight = C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pnhjkffljijlebgbmppbgeoikaafbbek\3.4_0\
 
O1 HOSTS File: ([2011.10.14 15:53:40 | 000,000,030 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (WebSpeechBHO Class) - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\IEPro\IEProRecorder.dll ()
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No CLSID value found.
O3 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Programme\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ETDWareDetect] C:\Programme\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
O4 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006..\Run: [AtomSync] D:\Programme\AtomSync\atomsync.exe (EmTec Innovative Software)
O4 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006..\Run: [TrueCrypt] D:\Programme\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SuperHybridEngine.lnk = C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra 'Tools' menuitem : Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..Trusted Domains: bol.de ([ssl] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1837522073-1451763235-2411524056-1006\..Trusted Domains: diplompsychopath.de ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8590F2B-3C27-43D3-B287-CE6F480E4C98}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.08.11 15:19:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0dc6623c-0464-11df-be98-89da0bd2538e}\Shell - "" = AutoRun
O33 - MountPoints2\{0dc6623c-0464-11df-be98-89da0bd2538e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5151e45e-67bf-11dd-865e-806d6172696f}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell - "" = AutoRun
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97ec8b75-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell - "" = AutoRun
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97ec8b76-d7b9-11df-bee9-cd819a0f6689}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b186e2f8-1339-11df-bea2-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{b186e2f8-1339-11df-bea2-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b186e2f9-1339-11df-bea2-00224356b63d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba23804f-53bc-11df-bebc-00224356b63d}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba238050-53bc-11df-bebc-00224356b63d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell - "" = AutoRun
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{ec9903e4-1a24-11df-bea7-00224356b63d}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.22 13:57:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe
[2012.11.20 16:44:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Reinigungs Tools Trojaner Board
[2012.11.12 02:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software
[2012.11.12 02:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.11.12 01:52:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.11.11 23:07:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.11.11 23:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.11.08 15:10:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Neue PDF-Bücher
[2012.11.06 16:42:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Chesspower\.kde
[2012.11.02 19:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FreeCommander
[2012.11.02 19:14:18 | 000,000,000 | ---D | C] -- C:\Programme\FreeCommander
[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\CDRip.dll
[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\No23 Recorder.exe
[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\basscd.dll
[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\bass.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.22 16:24:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.22 14:46:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.22 13:57:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Chesspower\Desktop\OTL.exe
[2012.11.22 09:09:46 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.22 09:09:44 | 000,000,021 | ---- | M] () -- C:\WINDOWS\S.dirmngr
[2012.11.22 09:09:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.22 09:09:30 | 1064,493,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.21 21:40:25 | 000,134,278 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG
[2012.11.20 15:50:12 | 000,091,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.20 02:00:12 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NETBOOK-Chesspower.job
[2012.11.17 08:32:55 | 003,707,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.16 16:47:44 | 000,543,502 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.16 16:47:44 | 000,515,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.16 16:47:44 | 000,112,588 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.16 16:47:44 | 000,093,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.16 16:14:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.15 12:45:34 | 000,060,396 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dudenbib.wav
[2012.11.14 01:22:23 | 000,002,262 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.11.12 02:31:40 | 000,000,245 | -HS- | M] () -- C:\boot.ini
[2012.11.11 20:48:13 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.02 19:14:24 | 000,000,726 | ---- | M] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\FreeCommander.lnk
[2012.10.28 13:16:25 | 000,000,648 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.22 09:09:44 | 000,000,021 | ---- | C] () -- C:\WINDOWS\S.dirmngr
[2012.11.21 21:38:03 | 000,134,278 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG
[2012.11.16 16:14:50 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.11.11 21:15:27 | 1064,493,056 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.02 19:14:24 | 000,000,726 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Desktop\FreeCommander.lnk
[2012.10.28 13:16:25 | 000,000,648 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 21:06:07 | 003,707,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.08 00:07:07 | 000,001,654 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
[2012.08.31 17:56:49 | 000,000,580 | ---- | C] () -- C:\WINDOWS\bowili50.ini
[2012.06.29 14:38:32 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2012.06.29 14:14:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\TETRIS.INI
[2012.05.03 03:54:46 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.12.14 09:13:41 | 000,002,262 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011.12.05 08:40:31 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2011.12.01 22:54:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\WinVd32.sys
[2011.12.01 22:53:58 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\WinFLsrv.exe
[2011.10.01 06:27:39 | 003,939,799 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1837522073-1451763235-2411524056-1006-0.dat
[2011.10.01 06:27:36 | 000,491,478 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.09.24 01:18:25 | 000,060,396 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dudenbib.wav
[2011.09.13 20:23:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.09.13 20:23:29 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.06.25 21:19:29 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.25 17:18:30 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2011.06.12 09:30:25 | 000,000,613 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011.04.23 16:30:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.23 16:30:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.04.08 23:00:41 | 000,000,209 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2011.04.08 22:41:08 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2011.04.08 22:41:08 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2011.04.08 22:41:02 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2011.04.08 22:41:01 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2011.04.08 22:41:01 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2011.04.08 22:41:01 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2011.04.08 22:41:01 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2011.04.08 22:41:01 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2011.04.08 22:41:01 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2011.03.17 06:37:49 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.03.16 18:51:31 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\CPen.sys
[2011.01.19 21:52:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA4.INI
[2010.12.29 16:23:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.12.22 08:16:24 | 000,000,041 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.12.22 08:10:04 | 000,000,072 | ---- | C] () -- C:\WINDOWS\GLASAUTO.INI
[2010.12.20 18:24:06 | 000,000,984 | ---- | C] () -- C:\WINDOWS\STA2.ini
[2010.12.20 11:58:39 | 000,000,740 | ---- | C] () -- C:\WINDOWS\EF2.INI
[2010.12.20 09:27:05 | 000,001,066 | ---- | C] () -- C:\WINDOWS\EF.ini
[2010.12.20 06:12:58 | 000,000,969 | ---- | C] () -- C:\WINDOWS\STBC.ini
[2010.12.19 21:44:31 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010.12.19 20:26:53 | 000,162,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ithsgt.sys
[2010.12.19 20:26:52 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\lilsgt.sys
[2009.12.17 18:53:43 | 000,091,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.17 17:14:34 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\lame_enc.dll
[2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbisenc.dll
[2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbisfile.dll
[2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\vorbis.dll
[2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\ogg.dll
[2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Dokumente und Einstellungen\Chesspower\Lokale Einstellungen\Anwendungsdaten\no23xwrapper.dll
 
========== ZeroAccess Check ==========
 
[2008.08.11 17:46:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.06.26 09:12:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.12.19 23:47:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVerTV
[2009.12.21 14:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BIFAB
[2011.04.19 16:58:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BOINC
[2009.12.22 14:06:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.12.22 14:16:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2011.11.15 15:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2010.06.13 09:51:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ChessBase
[2011.10.01 06:22:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Duden
[2009.12.17 20:44:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EmTec
[2011.11.29 16:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake
[2012.06.21 08:01:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GNU
[2012.11.11 20:09:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.11.28 10:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2009.12.26 23:48:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\page
[2012.09.07 18:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pamela
[2011.10.14 20:06:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2011.11.26 17:20:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2011.11.22 10:59:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.02.24 18:45:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2010.01.04 23:40:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrueCrypt
[2012.11.12 02:04:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.11.11 23:07:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2012.09.15 09:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YTD Video Downloader
[2010.03.07 13:26:05 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.12.01 21:53:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\aborange
[2011.11.21 11:28:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\ASCOMP Software
[2011.03.16 18:58:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\C Technologies
[2009.12.22 14:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Canon
[2010.08.07 05:35:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\CheckPoint
[2012.09.02 17:07:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\ChessBase
[2012.01.25 22:58:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Contact Sheet Generator
[2012.01.06 10:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DDMSettings
[2011.10.01 06:27:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Duden
[2012.10.01 17:03:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoft
[2012.10.01 17:02:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\DVDVideoSoftIEHelpers
[2012.11.06 17:15:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\gnupg
[2010.11.20 21:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\GrabPro
[2010.11.21 09:40:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\IEPro
[2012.09.16 09:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\IrfanView
[2011.11.28 10:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\MAGIX
[2009.12.20 10:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\MiniDm
[2012.09.07 22:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Pamela
[2011.10.18 12:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.01.01 09:10:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TeamViewer
[2009.12.17 17:29:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Template
[2010.02.24 18:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TomTom
[2011.11.25 21:17:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Trillian
[2012.10.30 17:16:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TrueCrypt
[2012.10.31 23:36:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TS3Client
[2012.11.12 02:04:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software
[2012.11.11 23:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\TuneUp Software-BackupByTuneUpPortable
[2011.02.17 17:30:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Chesspower\Anwendungsdaten\Windows Search
[2012.06.21 08:01:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\gnupg
[2010.11.16 12:09:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012.11.17 22:57:29 | 023,642,625 | ---- | M] ()(C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka ???????-???????.mp4) -- C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka Калинка-Малинка.mp4
[2012.11.17 22:56:40 | 023,642,625 | ---- | C] ()(C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka ???????-???????.mp4) -- C:\Dokumente und Einstellungen\Chesspower\Eigene Dateien\Kalinka-Malinka Калинка-Малинка.mp4
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34
@Alternate Data Stream - 304 bytes -> C:\Dokumente und Einstellungen\Chesspower\Desktop\Papierkorbanwendung-Meldung.JPG:SummaryInformation
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:7C5E7AAACDC5A5EB

< End of report >
         
Code:
OTL Extras logfile created on: 22.11.2012 16:20:14 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Chesspower\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1015,11 Mb Total Physical Memory | 357,11 Mb Available Physical Memory | 35,18% Memory free
2,39 Gb Paging File | 1,74 Gb Available in Paging File | 72,84% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 79,99 Gb Total Space | 39,30 Gb Free Space | 49,13% Space Free | Partition Type: NTFS
Drive D: | 61,20 Gb Total Space | 29,33 Gb Free Space | 47,93% Space Free | Partition Type: NTFS
Drive E: | 7,20 Gb Total Space | 5,30 Gb Free Space | 73,53% Space Free | Partition Type: FAT32
 
Computer Name: NETBOOK | User Name: Chesspower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe Photoshop\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Trillian\plugins\skypekit.exe" = C:\Programme\Trillian\plugins\skypekit.exe:*:Enabled:skypekit -- ()
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"D:\Programme\Xfire\Xfire.exe" = D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)
"D:\Programme\SimCity 3000 Deutschland\Apps\Updater\UPDATER.EXE" = D:\Programme\SimCity 3000 Deutschland\Apps\Updater\UPDATER.EXE:*:Disabled:SC3UpdaterMFC -- ()
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype  -- (Skype Technologies S.A.)
"D:\Programme\PC Games\Call of Duty 2\CoD2MP_s.exe" = D:\Programme\PC Games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"D:\Programme\PC Games\Call of Duty\CoDMP.exe" = D:\Programme\PC Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"(De)Coder_is1" = (De)Coder 4.1 Public Beta 4b
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0314ED3D-26A7-4F62-86A2-6B23353445E8}" = Star Wars Galactic Battlegrounds: Clone Campaigns
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E5C4DE6-101B-11D6-986D-00500443CF9F}" = Sven Bømwøllen DL
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{134B5C7C-C390-466E-B99E-181C8C057AAA}" = C-Pen Core
"{168DB6F5-0A4E-11D4-A497-444553540000}" = Fritz6
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.2
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{245F5D2D-6F34-4970-B8D7-D6F3C3C07575}" = ZoneAlarm Firewall
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D2BBFC7-C0B7-4991-926F-BFC30013512C}" = GEOgraf System Runtime Components
"{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key
"{6E554A6F-7BA1-4FCE-ABFA-430A24631111}" = Duden Korrektor Patch 022010
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96ACE4A4-C769-47D2-9FCE-4F46754857E7}" = ZoneAlarm Security
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B5D7FA6-9E73-426E-81C4-2C8FE5ACFBEF}" = Duden Korrektor
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A202BDBA-753F-41B9-B649-CFB0B45FC03E}" = Star Wars Galactic Battlegrounds
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAEBA159-3D7A-4C3C-B2EA-35A627506606}" = Fritz11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B1B70A3A-0B76-4188-B9E0-5F166680D41D}" = Rybka 3 Dynamic
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{BA10AC78-E687-4523-8B93-540428FC256F}" = Fahrenheit
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}" = ILLUSION RapeLay
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DBE79C99-F6CA-42B4-A37F-8BCA3BD086F8}" = Logox 4 Professional
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =             
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF67AE1A-6B31-4C98-91A9-F195D8702150}" = Google Drive
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F33B1B21-BFF7-47D6-9047-8BA8357FB44F}" = Rybka 3 Dynamic
"{F6CCD38C-8298-4F7B-91C5-C8DED0B24E5A}" = Fritz 12
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF895069-BD9A-11D5-986D-00500443CF9F}" = Moorhuhn 3 DL
"aborange Crypter_is1" = aborange Crypter - Deinstallation
"Access 97rt PAN EURO G" = Access 97rt PAN EURO G
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AtomSync" = AtomSync
"Audacity_is1" = Audacity 1.2.6
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.43
"Bridge Commander" = Star Trek Bridge Commander
"Canon LBP2900" = Canon LBP2900
"Canon MX330 series Benutzerregistrierung" = Canon MX330 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CD890B33C151F0A9940A3982594354969B729745" = Windows-Treiberpaket - C Technologies AB (CPen) Input Pen  (02/22/2010 3.0.0.2)
"Celestia_is1" = Celestia 1.6.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneCD" = CloneCD
"D-i-v-X - AVI Codec Pack Pro" = D-i-v-X AVI Codec Pack Pro 2.4.0
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Elantech" = ETDWare PS/2-x86 7.0.3.8 WHQL 03Sep08
"Elite Force" = Elite Force
"Emperor" = Emperor - Schlacht um Dune
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.31.917
"FreeCommander_is1" = FreeCommander 2009.02b
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.1
"Gehirnjogging - Special Edition" = Gehirnjogging - Special Edition
"Gehirnjogging 2" = Gehirnjogging 2
"Google Chrome" = Google Chrome
"GPG4Win" = Gpg4win (2.1.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IE7Pro" = IE7Pro
"IE7ProSpellCheckDictionary_is1" = Spelling Check Dictionary From OpenOffice.org
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"lgx4.lgx.server" = G DATA Logox 4 Speechengine
"LHTTSENG" = L&H TTS3000 British English
"LHTTSGED" = L&H TTS3000 Deutsch
"LucasArts' Rogue Squadron" = LucasArts Rogue Squadron
"LucasArts' Shadows of the Empire (full game)" = LucasArts' Shadows of the Empire (full game)
"LucasArts' Star Wars: Episode I Racer" = LucasArts Star Wars: Episode I Racer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Pamela" = Pamela Pro 4.8
"PC-Fahrschule" = PC-Fahrschule
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"Recuva" = Recuva
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"Sandboxie" = Sandboxie 3.74 (32-bit)
"Secure Eraser_is1" = Secure Eraser v4.0
"SimCity 3000 Deutschland" = SimCity 3000 Deutschland
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Star Trek Armada II" = Star Trek Armada II
"Star Trek Elite Force II" = Star Trek Elite Force II
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TomTom HOME" = TomTom HOME 2.8.3.2499
"Trillian" = Trillian
"TrueCrypt" = TrueCrypt
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Unlocker" = Unlocker 1.9.1
"VeryPDF PDF2Word v3.0_is1" = VeryPDF PDF2Word v3.0
"VLC media player" = VLC media player 1.1.11
"Warzone 2100" = Warzone 2100
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"ws4.webspeech" = G DATA WebSpeech 4
"Xfire" = Xfire (remove only)
"Yuri's Revenge" = Command && Conquer Alarmstufe Rot 2 - Yuris Rache
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1837522073-1451763235-2411524056-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ AKG_DGMNet Events ]
Error - 10.03.2011 11:22:15 | Computer Name = NETBOOK | Source = AKG_DGMNet | ID = 0
Description = There was an error generating the XML document.
 
Error - 10.03.2011 11:22:15 | Computer Name = NETBOOK | Source = AKG_DGMNet | ID = 0
Description =    at System.Xml.Serialization.XmlSerializer.Serialize(XmlWriter xmlWriter,
 Object o, XmlSerializerNamespaces namespaces, String encodingStyle, String id)   
  at System.Xml.Serialization.XmlSerializer.Serialize(TextWriter textWriter, Object
 o, XmlSerializerNamespaces namespaces)     at System.Xml.Serialization.XmlSerializer.Serialize(TextWriter
 textWriter, Object o)     at AKG_DGMNet.DGMVerwaltung.UCVerwaltung.Serialize(String
 FileName)
 
[ Application Events ]
Error - 22.09.2012 15:29:18 | Computer Name = NETBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes
 Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d.
 
Error - 22.09.2012 15:29:22 | Computer Name = NETBOOK | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 223874319.
 
Error - 22.09.2012 15:30:41 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 22.09.2012 15:30:42 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 22.09.2012 15:30:52 | Computer Name = NETBOOK | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 734037209.
 
Error - 15.10.2012 14:17:51 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.62.0.87, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.10.2012 15:00:12 | Computer Name = NETBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oneclickstarter.exe, Version 9.0.3000.52,
 fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb.
 
Error - 11.11.2012 19:23:02 | Computer Name = NETBOOK | Source = Userenv | ID = 1512
Description = Die Registrierungsdatei konnte nicht entladen werden. Der für die 
Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dies wird oft 
durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen
 Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
 Wenden Sie sich an den Netzwerkadministrator, wenn das Problem weiterhin besteht.
       Details - Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.
 
 
Error - 12.11.2012 16:34:29 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung tbb-firefox.exe, Version 10.0.10.4681, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 20.11.2012 10:41:29 | Computer Name = NETBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Undelete.exe, Version 12.0.3010.5, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 21.11.2012 16:09:47 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
Error - 21.11.2012 18:36:11 | Computer Name = NETBOOK | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 21.11.2012 18:36:19 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%3
 
Error - 21.11.2012 18:36:19 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 21.11.2012 18:36:22 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
Error - 21.11.2012 18:36:40 | Computer Name = NETBOOK | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Atheros AR5007EG Wireless Network Adapter" (PCI\VEN_168C&DEV_001C&SUBSYS_10261A3B&REV_01\4&37028e5f&0&00E3)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 22.11.2012 04:09:57 | Computer Name = NETBOOK | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 22.11.2012 04:10:05 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%3
 
Error - 22.11.2012 04:10:05 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 22.11.2012 04:10:07 | Computer Name = NETBOOK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Lbd
 
[ TuneUp Events ]
Error - 16.11.2010 17:07:09 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 17:07:09 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:11 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:12 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 16.11.2010 18:07:12 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 01.12.2011 19:25:00 | Computer Name = NETBOOK | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         

Edited by Chesspower88 (22.11.2012 at 17:24). Reason: Found info.

22.11.2012, 18:30   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Edit: Seems to be from TuneUp.
Yes, so that the illegal/cracked version of TuneUp runs too
__________________
Please always post log files in CODE tags

22.11.2012, 18:48   #30
Chesspower88

A cracked version? I got the version from a friend and it is called TuneUp Portable. No idea whether it is cracked. It works, though. But that is beside the point now.
