| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Meldung beim Start von XP - yise.ero nicht gefunden.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.08.2010, 21:22
| #1 |
| |  Meldung beim Start von XP - yise.ero nicht gefunden. Servus nach mehrere Tagen und versuchen kamm immer wieder der Meldung das RUNDLL ein file suchte - yise.ero. Meine Recherchen im netz hat ergeben das es was böses ist  Heute habe ich alles so getan wie ihr es beschriebt. Scheint geholfen zu haben da die Meldung nicht mehr kommt.  So dann Danke ich schon mal ganz artig und viel. Kann ich diesen defogger wieder aktivieren? hier die Daten: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4495 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 28.08.2010 21:02:15 mbam-log-2010-08-28 (21-02-15).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 151394 Laufzeit: 10 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASPIMGR (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe yise.ero mpgyjp) Good: (Explorer.exe) -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) defogger_disable by jpshortstuff (23.02.10.1) Log created at 21:11 on 28/08/2010 (Scott Fountain) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.08.2010 21:52:28 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Dokumente und Einstellungen\Scott Fountain\Desktop\MFTools Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.023,00 Mb Total Physical Memory | 496,00 Mb Available Physical Memory | 49,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 89,46 Gb Total Space | 26,94 Gb Free Space | 30,11% Space Free | Partition Type: NTFS Drive D: | 19,95 Gb Total Space | 18,15 Gb Free Space | 90,99% Space Free | Partition Type: NTFS Drive E: | 2,38 Gb Total Space | 0,38 Gb Free Space | 15,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: AUTOPRO Current User Name: Scott Fountain Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010.08.28 20:38:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\MFTools\OTL.exe PRC - [2010.05.26 15:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe PRC - [2010.05.26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2010.05.26 13:03:36 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010.05.14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2010.04.22 15:30:11 | 000,541,192 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe PRC - [2010.01.08 02:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Programme\pdfforge Toolbar\SearchSettings.exe PRC - [2010.01.08 01:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe PRC - [2009.11.19 23:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe PRC - [2009.11.19 17:20:08 | 000,480,368 | ---- | M] (Auslogics) -- C:\Programme\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.03.02 14:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2008.11.07 17:43:36 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe PRC - [2008.11.07 17:39:36 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe PRC - [2008.10.24 10:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.03.10 12:14:32 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe PRC - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe PRC - [2007.03.03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006.11.08 14:27:54 | 000,222,208 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe PRC - [2006.11.06 15:21:10 | 000,210,432 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe PRC - [2006.09.22 20:37:00 | 000,118,784 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe PRC - [2006.06.01 13:32:12 | 000,094,208 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe PRC - [2006.04.12 21:32:14 | 000,167,936 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMAsst.exe PRC - [2006.04.12 21:29:28 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe PRC - [2005.07.19 18:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE PRC - [2005.06.23 21:33:00 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe PRC - [2005.06.08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Video\LogiTray.exe PRC - [2005.06.08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Video\FxSvr2.exe PRC - [2004.09.14 09:00:00 | 000,118,784 | ---- | M] (WinZip Computing, Inc.) -- C:\Programme\WinZip\WZQKPICK.EXE PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe PRC - [2003.05.08 13:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\OmniPageSE2.0\opwareSE2.exe PRC - [2003.04.23 03:06:54 | 000,417,871 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE PRC - [2002.10.28 08:38:08 | 000,047,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2002.10.09 17:25:58 | 000,032,768 | R--- | M] (Plantronics) -- C:\Programme\PerSono\PersTray.exe PRC - [2002.08.29 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe ========== Modules (SafeList) ========== MOD - [2010.08.28 20:38:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\MFTools\OTL.exe MOD - [2010.05.26 15:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll MOD - [2009.07.12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009.07.12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2008.11.07 17:41:46 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\lgscroll.dll MOD - [2008.05.13 19:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Programme\SUPERAntiSpyware\SASSEH.DLL MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2003.05.08 13:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\OmniPageSE2.0\OpHookSE2.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010.05.26 15:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV - [2010.05.26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2010.04.22 15:30:11 | 000,541,192 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate) SRV - [2010.01.25 11:02:20 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2010.01.08 01:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.08 13:31:36 | 000,313,840 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9) SRV - [2009.07.08 13:31:32 | 000,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9) SRV - [2009.07.08 13:31:12 | 001,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.11.07 17:40:52 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService) SRV - [2008.04.14 04:22:12 | 000,036,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip) SRV - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2007.03.03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006.11.06 15:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.09.22 20:37:00 | 000,118,784 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen) SRV - [2006.04.12 21:29:28 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM) SRV - [2002.08.29 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\tsmpkt.sys -- (TSMPacket) DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\atinmdxx.sys -- (MVDCODEC) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\atinrvxx.sys -- (atinrvxx) DRV - [2010.05.26 15:35:10 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2009.12.07 17:39:57 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.05.11 11:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.30 11:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009.02.13 13:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.09.26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2008.09.26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2008.09.26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2008.01.10 07:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006.11.13 18:49:36 | 000,030,808 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore2.sys -- (hotcore2) DRV - [2006.10.10 09:54:34 | 000,138,240 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent) DRV - [2006.10.10 09:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port) DRV - [2006.10.10 09:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem) DRV - [2006.10.10 09:54:32 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic) DRV - [2006.04.13 20:47:56 | 000,113,488 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005.05.27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2005.05.11 00:33:00 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv) DRV - [2004.10.08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl) DRV - [2003.09.08 15:43:36 | 000,089,728 | ---- | M] (Atmel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvsp.sys -- (USBVSP) DRV - [2002.10.28 08:38:06 | 000,947,884 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2002.10.09 17:26:00 | 000,010,756 | ---- | M] (Plantronics USB Bulk Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBPLANT.sys -- (BULKUSB) DRV - [2002.08.14 15:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2002.07.01 16:10:40 | 000,638,366 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51) DRV - [2002.04.16 08:52:04 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2001.08.17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [1999.01.15 06:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.fliegerclub-nuernberg.de/ IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Programme\ZoneAlarm\tbZon1.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\CyberDefender\cdmyidd.dll (CyberDefender Corp.) IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKCU\..\URLSearchHook: ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: ~F35CE83E-9EBF-40d5-AE87-53F982389740} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "hxxp://fcn-segelflug.de/index.php?option=com_content&view=frontpage&Itemid=1" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - prefs.js..network.proxy.no_proxies_on: "localhost" FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2010.08.11 16:02:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.28 17:32:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.08.07 11:09:28 | 000,000,000 | ---D | M] [2010.02.18 17:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Extensions [2010.02.18 17:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2010.08.28 07:27:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions [2010.04.27 20:27:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.22 12:38:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.07.14 17:50:38 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2010.08.22 12:38:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.01.29 18:58:02 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Mozilla\Firefox\Profiles\jih9k4gw.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.08.28 07:27:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.08.07 11:09:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2002.08.29 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Programme\ZoneAlarm\tbZon1.dll (Conduit Ltd.) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\CyberDefender\cdmyidd.dll (CyberDefender Corp.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar2.dll (Google Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll () O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Programme\ZoneAlarm\tbZon1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\CyberDefender\cdmyidd.dll (CyberDefender Corp.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Programme\ZoneAlarm\tbZon1.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\CyberDefender\cdmyidd.dll (CyberDefender Corp.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Programme\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited) O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe (Logitech Inc.) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [OpwareSE2] C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [RoxWatchTray] C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [Auslogics BoostSpeed] C:\Programme\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Auslogics) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation) O4 - HKCU..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKCU..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe (Logitech Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Desktop Manager.lnk = C:\Programme\Research In Motion\BlackBerry\DesktopMgr.exe (Research In Motion Limited) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Perstray.lnk = C:\Programme\PerSono\PersTray.exe (Plantronics) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMAsst.exe (Matsushita Electric Industrial Co., Ltd.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google-Suche - c:\programme\google\GoogleToolbar2.dll (Google Inc.) O8 - Extra context menu item: &Ins Deutsche übersetzen - c:\programme\google\GoogleToolbar2.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - c:\programme\google\GoogleToolbar2.dll (Google Inc.) O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Im Cache gespeicherte Seite - c:\programme\google\GoogleToolbar2.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Verweisseiten - c:\programme\google\GoogleToolbar2.dll (Google Inc.) O9 - Extra Button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INETREPL.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INETREPL.DLL (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O15 - HKCU\..Trusted Domains: ([]msn in My Computer) O15 - HKCU\..Trusted Domains: amivo.de ([www] https in Trusted sites) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141667910342 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201960443903 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Programme\Microsoft ActiveSync\AATP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found. O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.03.06 19:30:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{e6a54a48-fd9a-11dc-820b-0010dce4b4b1}\Shell - "" = AutoRun O33 - MountPoints2\{e6a54a48-fd9a-11dc-820b-0010dce4b4b1}\Shell\AutoRun - "" = Auto&Play O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation) Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\MOBILEV.ACM () Drivers32: msacm.dvacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation) Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.MPEGacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation) Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation) Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.ulmp3acm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: SENTINEL - C:\WINDOWS\System32\SNTI386.DLL () Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) Drivers32: VIDC.FFDS - ffdshow.ax File not found Drivers32: VIDC.I420 - C:\WINDOWS\System32\LVCodec2.dll (Logitech Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation) Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation) Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation) Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation) Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (69537874164318208) ========== Files/Folders - Created Within 90 Days ========== [2010.08.28 20:49:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010.08.28 20:48:54 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT [2010.08.28 20:39:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Malwarebytes [2010.08.28 20:39:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.08.28 20:39:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.08.28 20:39:22 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.08.28 20:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.08.28 20:38:53 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2010.08.28 20:18:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\MFTools [2010.08.28 20:05:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2010.08.28 20:05:03 | 000,000,000 | ---D | C] -- C:\Programme\Security Task Manager [2010.08.28 19:05:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\SUPERAntiSpyware.com [2010.08.28 19:05:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com [2010.08.28 19:05:14 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2010.08.26 15:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Auslogics [2010.08.26 15:37:46 | 000,000,000 | ---D | C] -- C:\Programme\Auslogics [2010.08.12 22:33:52 | 000,000,000 | ---D | C] -- C:\Programme\PokerStars.NET [2010.08.09 21:10:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\cache [2010.08.09 21:07:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\FullTiltPoker [2010.08.09 21:06:42 | 000,000,000 | ---D | C] -- C:\Programme\Full Tilt Poker [2010.08.07 11:10:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2010.08.06 19:49:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\Temp [2010.08.06 19:49:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\Google [2010.07.31 16:02:12 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2010.07.31 16:02:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer [2010.07.31 15:47:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\ZoneAlarm [2006.03.09 16:26:00 | 000,570,128 | ---- | C] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\DAO350.DLL ========== Files - Modified Within 90 Days ========== [2010.08.28 21:42:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.08.28 21:42:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.08.28 21:11:52 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\defogger_reenable [2010.08.28 21:04:11 | 005,767,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\ntuser.dat [2010.08.28 21:03:53 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\ntuser.ini [2010.08.28 20:54:14 | 000,001,244 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1935655697-854245398-1004UA.job [2010.08.28 20:48:55 | 000,000,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\NTREGOPT.lnk [2010.08.28 20:48:55 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\ERUNT.lnk [2010.08.28 20:39:28 | 000,000,695 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.28 20:38:27 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\defogger.exe [2010.08.28 20:38:09 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Gmer.zip [2010.08.28 19:49:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.08.28 19:05:17 | 000,001,661 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.08.28 17:11:34 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Outlook 2007.lnk [2010.08.26 19:54:06 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1935655697-854245398-1004Core.job [2010.08.26 15:38:01 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Auslogics BoostSpeed.lnk [2010.08.25 16:03:16 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin [2010.08.24 22:06:05 | 001,582,120 | -H-- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.08.24 21:41:42 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2010.08.24 21:41:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.08.20 12:54:59 | 000,002,450 | ---- | M] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Google Chrome.lnk [2010.08.12 22:34:18 | 000,000,759 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PokerStars.net.lnk [2010.08.12 22:17:00 | 000,234,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.08.12 18:24:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.08.12 18:20:51 | 001,033,152 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.08.12 18:20:51 | 000,462,604 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.08.12 18:20:51 | 000,444,300 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.08.12 18:20:51 | 000,085,608 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.08.12 18:20:51 | 000,072,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.08.09 21:07:22 | 000,000,787 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Full Tilt Poker.lnk [2010.08.07 15:47:17 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.07.31 16:02:53 | 000,001,603 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2010.06.23 16:15:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini ========== Files Created - No Company Name ========== [2010.08.28 21:12:39 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\gmer.exe [2010.08.28 21:11:52 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\defogger_reenable [2010.08.28 20:48:55 | 000,000,610 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\NTREGOPT.lnk [2010.08.28 20:48:55 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\ERUNT.lnk [2010.08.28 20:39:28 | 000,000,695 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.28 20:38:27 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\defogger.exe [2010.08.28 20:38:08 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Gmer.zip [2010.08.28 19:05:17 | 000,001,661 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.08.26 15:38:01 | 000,000,795 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Auslogics BoostSpeed.lnk [2010.08.12 22:34:18 | 000,000,759 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PokerStars.net.lnk [2010.08.09 21:07:22 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Full Tilt Poker.lnk [2010.08.06 19:51:15 | 000,002,450 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Desktop\Google Chrome.lnk [2010.08.06 19:49:20 | 000,001,244 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1935655697-854245398-1004UA.job [2010.08.06 19:49:19 | 000,001,192 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1935655697-854245398-1004Core.job [2010.07.31 16:02:53 | 000,001,603 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2010.01.17 12:09:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009.11.08 20:17:17 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.11.08 20:17:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009.11.08 20:17:14 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009.11.08 20:17:14 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009.11.08 20:17:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009.03.06 16:10:15 | 000,000,105 | ---- | C] () -- C:\WINDOWS\mapiuid.ini [2008.07.23 16:41:16 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA110VC8.dll [2008.05.18 12:32:29 | 000,000,030 | ---- | C] () -- C:\WINDOWS\SSEKonf.ini [2008.02.04 19:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2007.11.15 21:27:40 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll [2007.11.15 21:25:28 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll [2007.11.15 21:25:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll [2007.11.13 09:39:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\FKStampPainter20.dll [2007.11.09 15:18:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll [2007.09.01 09:13:50 | 004,239,360 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll [2007.08.30 13:00:37 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2007.08.30 13:00:37 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2007.08.30 13:00:37 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2007.08.30 13:00:37 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2007.08.30 13:00:37 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2007.08.30 13:00:37 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2007.08.16 15:17:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll [2007.04.20 17:19:39 | 000,022,168 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc0407.dll [2007.04.20 17:19:39 | 000,018,072 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc0407.dll [2007.03.31 18:47:32 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FKStdUst07Module.INI [2007.03.31 16:44:38 | 000,000,019 | ---- | C] () -- C:\WINDOWS\LxRegi.INI [2007.03.03 18:53:47 | 001,865,945 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\NMM-MetaData.db [2007.01.06 12:49:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006.11.13 16:03:58 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA100VC8.dll [2006.11.04 18:19:15 | 000,000,057 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini [2006.09.27 14:56:48 | 000,000,059 | ---- | C] () -- C:\WINDOWS\d2hnav.ini [2006.09.27 14:56:04 | 000,000,027 | ---- | C] () -- C:\WINDOWS\stwin05.ini [2006.09.21 13:53:28 | 000,282,679 | ---- | C] () -- C:\WINDOWS\System32\dnt27.dll [2006.09.21 13:52:24 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27.dll [2006.09.21 13:52:14 | 000,077,881 | ---- | C] () -- C:\WINDOWS\System32\dntvm27.dll [2006.06.29 08:34:31 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll [2006.05.30 15:24:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2006.04.13 10:40:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PCBH32.INI [2006.04.13 10:25:29 | 000,003,370 | ---- | C] () -- C:\WINDOWS\tm.ini [2006.04.06 18:07:34 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006.03.22 10:45:00 | 000,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2006.03.22 09:16:32 | 000,000,105 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI [2006.03.22 09:15:44 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini [2006.03.22 09:15:04 | 000,000,516 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2006.03.20 09:48:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll [2006.03.17 13:24:55 | 000,000,326 | ---- | C] () -- C:\WINDOWS\prestopm.INI [2006.03.09 16:49:13 | 000,000,103 | ---- | C] () -- C:\WINDOWS\ktel.ini [2006.03.09 16:39:54 | 000,000,158 | ---- | C] () -- C:\WINDOWS\LXfoIn54.INI [2006.03.09 16:24:50 | 000,000,031 | ---- | C] () -- C:\WINDOWS\LxTrans.INI [2006.03.09 16:23:26 | 000,300,032 | ---- | C] () -- C:\WINDOWS\System32\LE50as.dll [2006.03.09 16:22:59 | 000,015,627 | ---- | C] () -- C:\WINDOWS\System32\WBROLLRS.DLL [2006.03.09 16:22:58 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA100VC7.dll [2006.03.09 16:22:58 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\W32MKRC.DLL [2006.03.09 16:22:58 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\W32btstp.dll [2006.03.09 16:22:58 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\LxCI11.dll [2006.03.09 16:22:58 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\W32btxlt.dll [2006.03.09 16:22:57 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\MMedia10VC7.dll [2006.03.09 16:22:57 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\LxUtl10.dll [2006.03.09 16:22:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PXTToolVC7.dll [2006.03.09 16:22:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PXTTool.dll [2006.03.09 16:22:56 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\LxImport50VC7.dll [2006.03.09 16:22:56 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\LxImport40VC7.dll [2006.03.09 16:22:56 | 000,192,592 | ---- | C] () -- C:\WINDOWS\System32\LxImport30.dll [2006.03.09 16:22:56 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\LXDasi10VC7.dll [2006.03.07 17:37:15 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini [2006.03.07 17:09:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6y.DLL [2006.03.07 17:08:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL [2006.03.07 17:08:37 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\PMSBFN32.DLL [2006.03.07 17:03:24 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\CNCMP60.INI [2006.03.07 16:44:01 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.03.07 16:33:32 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.03.07 16:27:17 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006.03.07 10:24:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006.03.07 08:59:11 | 000,012,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Scott Fountain\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.03.06 20:20:31 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS [2006.03.06 20:20:31 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL [2006.03.06 20:20:31 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL [2006.03.06 20:20:23 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\wwinms.drv [2006.03.06 20:17:10 | 000,000,447 | ---- | C] () -- C:\WINDOWS\brwmark.ini [2006.03.06 20:17:10 | 000,000,213 | ---- | C] () -- C:\WINDOWS\brqikmon.ini [2006.03.06 19:49:36 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2006.03.06 19:47:47 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2005.12.21 16:57:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll [2005.12.21 16:54:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll [2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2005.11.09 13:13:48 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC7.dll [2005.11.09 13:11:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC7.dll [2005.11.09 13:11:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC7.dll [2004.05.06 15:07:32 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\dnt26VC7.dll [2004.05.06 15:05:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvmc26VC7.dll [2004.05.06 15:04:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dntvm26VC7.dll [2003.09.05 13:25:54 | 000,237,623 | ---- | C] () -- C:\WINDOWS\System32\dnt26.dll [2003.09.05 13:25:52 | 000,073,785 | ---- | C] () -- C:\WINDOWS\System32\dntvm26.dll [2003.09.05 13:03:30 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc26.dll [2002.11.06 16:23:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FKStampPainter.dll [2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000081.DLL [2001.12.13 14:30:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SBSPAINT.DLL [2001.10.10 09:57:58 | 000,073,786 | --S- | C] () -- C:\WINDOWS\System32\dntvmc23.dll [2001.10.10 09:57:58 | 000,061,497 | --S- | C] () -- C:\WINDOWS\System32\dntvm23.dll [2001.03.07 09:02:30 | 000,229,431 | ---- | C] () -- C:\WINDOWS\System32\dnt23.dll [1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL ========== LOP Check ========== [2009.07.28 17:15:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV [2007.03.31 18:36:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve [2010.03.28 20:48:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2007.03.31 18:06:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe [2007.08.30 13:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InterVideo [2008.09.17 20:21:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iolo [2009.11.05 20:39:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware [2007.09.20 20:00:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier [2007.02.25 16:32:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2009.12.06 15:12:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Research In Motion [2007.10.12 16:30:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2010.08.28 20:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2006.03.22 09:15:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir [2006.03.22 09:15:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard [2009.04.20 19:43:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarMoney 7.0 [2006.07.27 17:37:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager [2006.08.21 18:58:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online DSL-Manager [2010.02.18 17:44:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2009.11.14 18:14:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2007.08.30 13:14:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems [2009.11.14 18:13:29 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2007.05.28 11:51:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\AAV [2010.08.26 15:39:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Auslogics [2008.12.20 22:23:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Blackberry Desktop [2010.07.16 16:20:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Canon [2010.05.28 21:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\CheckPoint [2007.03.03 18:11:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Datalayer [2008.12.21 18:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\GoodSync [2009.08.31 18:26:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\gtk-2.0 [2007.07.18 16:30:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Haufe [2008.09.17 20:21:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\iolo [2007.10.17 15:17:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Leadertech [2007.03.31 18:35:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Lexware [2006.03.07 17:08:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\NewSoft [2007.03.03 17:29:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Nokia [2007.03.03 17:34:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Nokia Multimedia Player [2008.04.19 14:46:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\NSBackup [2010.08.24 10:40:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\OfficeUpdate12 [2008.03.30 09:01:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\PC Suite [2010.01.17 12:29:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\pdfforge [2008.12.20 22:01:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Research In Motion [2006.03.22 09:15:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\ScanSoft [2010.01.17 12:29:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Search Settings [2006.11.04 16:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\SimonTools [2006.07.27 17:26:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\T-DSL SpeedManager [2010.02.18 17:42:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\TomTom [2009.11.14 18:15:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\TuneUp Software [2007.08.30 13:16:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Scott Fountain\Anwendungsdaten\Ulead Systems ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006.03.06 19:30:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2006.03.17 15:35:33 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2002.08.29 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin [2007.02.11 16:47:45 | 000,090,450 | ---- | M] () -- C:\cdstinfo.log [2006.03.06 19:30:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010.03.09 16:47:01 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt [2008.12.21 10:09:10 | 000,049,166 | ---- | M] () -- C:\CybDefInstallInfo.log [2006.03.06 19:30:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006.03.08 09:15:22 | 000,000,000 | ---- | M] () -- C:\itouch_config_crash_info.txt [2006.03.07 17:35:00 | 000,000,000 | ---- | M] () -- C:\itouch_crash_info.txt [2008.05.07 17:52:07 | 000,000,169 | ---- | M] () -- C:\LxDasi.Log [2006.03.06 19:30:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006.03.07 13:21:40 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008.10.26 14:02:35 | 000,251,712 | RHS- | M] () -- C:\ntldr [2010.08.28 21:41:59 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [2006.09.17 18:58:28 | 000,001,722 | ---- | M] () -- C:\TDSLCheck.txt [2007.09.01 08:12:31 | 027,262,976 | ---- | M] () -- C:\VIRTPART.DAT < %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.com > [2006.04.18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006.06.29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006.04.18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006.06.29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2006.03.06 19:30:33 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > [2000.01.28 02:17:00 | 000,015,872 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BRPPROC.DLL [2004.08.16 22:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD6y.DLL [2006.07.31 05:00:00 | 000,022,528 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD7W.DLL [2004.08.16 22:00:00 | 000,054,272 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP6y.DLL [2006.07.31 05:00:00 | 000,065,024 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP7W.DLL [2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll [2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.01.10 05:07:30 | 000,368,640 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2006.03.06 20:22:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2006.03.06 20:22:01 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2006.03.06 20:22:01 | 000,397,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\user32.dll /md5 > [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < %systemroot%\system32\ws2_32.dll /md5 > [2008.04.14 04:22:32 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=6A35E2D6F5F052C84EC2CEB296389439 -- C:\WINDOWS\system32\ws2_32.dll < %systemroot%\system32\ws2help.dll /md5 > [2008.04.14 04:22:32 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C7D8A0517CBF16B84F657DE87EBE9D4B -- C:\WINDOWS\system32\ws2help.dll < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 16:25:03 < End of report > Fortsetzung folgt Fortsetzung OTL EXTRAS Logfile: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.08.2010 21:52:28 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Dokumente und Einstellungen\Scott Fountain\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 496,00 Mb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 89,46 Gb Total Space | 26,94 Gb Free Space | 30,11% Space Free | Partition Type: NTFS
Drive D: | 19,95 Gb Total Space | 18,15 Gb Free Space | 90,99% Space Free | Partition Type: NTFS
Drive E: | 2,38 Gb Total Space | 0,38 Gb Free Space | 15,89% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AUTOPRO
Current User Name: Scott Fountain
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe" = C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe:*:Enabled:StarMoney 7.0 OnlineUpdate -- (Star Finanz - Software Entwicklung und Vertriebs GmbH)
"C:\Programme\StarMoney 7.0\app\StarMoney.exe" = C:\Programme\StarMoney 7.0\app\StarMoney.exe:*:Enabled:StarMoney 7.0 -- (Star Finanz - Software Entwicklung und Vertriebs GmbH)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}" = Nokia N73 highlights
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{053EC7D7-25D6-87DE-FB3C-21EDA3AC1B3D}" = CCC Help Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{09E03881-E349-18A2-2AFC-CADE51DF080E}" = CCC Help Thai
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0FF1922C-B6C4-40BB-AF30-BEF75A482444}" = Nokia Connectivity Cable Driver
"{109AB81D-9732-40B3-9C1F-113A86CE6F93}" = Canon MP Navigator 1.0
"{12C11D57-0E6B-64F2-B99E-E40E785AEB56}" = CCC Help Hungarian
"{152441C1-D4DA-EE78-7E4A-514DD0361256}" = CCC Help Dutch
"{16C291EE-B2F5-1636-D382-FEB776F677BE}" = CCC Help Italian
"{18941178-396B-0CC4-2168-17112315EBB8}" = ccc-utility
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1B3D70BF-F1E5-1548-C1ED-22F0D47BDDD1}" = CCC Help Finnish
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{222C4C37-8EB6-438B-B722-B22209FA2628}" = StarMoney 7.0
"{22CCA04F-DFE0-5337-770C-3CFD2CDCF2D9}" = ccc-core-static
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2DDBE461-3A0D-A6C2-6944-92D694AFB12A}" = Catalyst Control Center Localization French
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3373AFA7-672F-407C-68F0-955FB5930A47}" = Catalyst Control Center Localization Turkish
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35343FF7-939B-401A-87B3-FF90A5123D88}" = Microsoft XML Parser und SDK
"{35CB8AFB-0376-9D4F-24E5-1EEC1CEE1A4B}" = CCC Help Chinese Standard
"{362BFFCD-8274-11D8-97C8-000129760CBE}" = MediaLife
"{36417A39-B6A6-BE0F-0AD0-6D9B116985D1}" = CCC Help Swedish
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3FAFEF64-911D-8013-18B5-E0BDF223A5C0}" = CCC Help Korean
"{3FF3DD04-F386-46B0-97FC-B86238B65487}" = Canon MP Drivers 6.0
"{40E4166C-460E-65F8-F84B-88A2F9EA69F4}" = CCC Help Polish
"{421D1CB2-0C0B-AC1D-06E5-14B0974376B5}" = Catalyst Control Center Localization Korean
"{439800C9-FD42-4EA3-94D2-063DF0926873}" = Match-Up!
"{451CEE76-0FFE-802D-1F5E-615D69BC7007}" = Catalyst Control Center Localization Greek
"{4609F28C-0BDB-F2B2-9DC7-B35A28478312}" = Catalyst Control Center Localization Czech
"{46E1C9E1-9CC6-D432-F2BB-7CFC27B32EC9}" = Catalyst Control Center Localization Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{519118EE-ACFD-16B7-7FEA-6B47D529B50C}" = Catalyst Control Center Core Implementation
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{5325AF31-8FEF-EEA6-084E-6784F834B5C0}" = Catalyst Control Center Graphics Full Existing
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57105084-049B-008E-165A-92AF92B0C60F}" = ccc-core-preinstall
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{57C14BDB-7D29-4DB9-98CA-F5F49120B8CF}" = Software der DVD Videokamera
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{5BE42A03-E7B8-42A9-B1BB-FC48B03D58B8}" = Presto! PageManager 6.01
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE136A9-DCAE-69D0-08CB-02F07CFC9398}" = CCC Help Spanish
"{5E7AD152-771A-52C9-8394-E2F3BA629E06}" = CCC Help Greek
"{636A7142-586A-4DF7-9207-191A2AF5610C}_is1" = Auslogics BoostSpeed
"{63B9224A-89C9-44E6-8252-5F2F73A71C54}" = StarMoney
"{6782B259-804B-301D-0DE9-13000375C2D2}" = Catalyst Control Center Localization Japanese
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2715ED-7DBF-4BF1-9009-FE4D66421031}" = Nero 7 Essentials
"{6D58E839-9E34-3979-7BFD-145BD5E9401C}" = CCC Help Norwegian
"{6FA439F8-EBD8-FF4D-8EE5-A52FE69A4248}" = Catalyst Control Center Localization Finnish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{73E30715-9EC4-4DAE-BE67-64500AEB8012}" = Nokia Nseries Skin for Microsoft Windows Media Player
"{76C4DAB3-F63A-498F-8645-1E8D6B3EC543}" = Lexware info service aktualisierung 2006
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}" = Nokia themes for your device
"{793E79A5-B52D-E287-37F2-398F530D74C7}" = Catalyst Control Center Localization Polish
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7F2FF077-4A0C-0F26-717C-617DED010B33}" = CCC Help English
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = MyIdentityDefender Toolbar (CyberDefender Corporation)
"{86905EEA-B721-4585-B95A-09DE85FA4D36}" = Lexware online banking 4.80
"{879C52A2-FF9A-4CB5-BB74-B0DA994ABB2A}" = StarMoney
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8BF103B8-8C8E-2246-8C0D-C6C256E5E428}" = CCC Help French
"{8C17851D-8495-4827-8E9A-52722E2EEE7B}" = Lexware Dao 350 Dao 360
"{8E9BA9AF-6A06-C7AC-5863-4A40CF29CE05}" = Catalyst Control Center Localization German
"{8EF4D709-7A3A-11D5-BA96-00C0DF22DE85}" = DarkSpace
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90E5D6A9-C373-357B-6659-8BF019E3C1D4}" = Catalyst Control Center Localization Dutch
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9366C5C6-9434-C4C9-9804-FB4D7142874D}" = Catalyst Control Center Localization Portuguese
"{942DD738-A9F7-BBFA-3960-4558CB0EE272}" = Catalyst Control Center Localization Chinese Standard
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A0845197-A2B6-4B80-B425-BC5AA57CEC07}" = Lexware online banking 3.50
"{A0857F54-AE2D-F453-4069-C7D65AE36426}" = Catalyst Control Center Localization Chinese Traditional
"{A2FA61E6-B46A-3489-BD5A-2991144A5BC4}" = CCC Help Portuguese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49098C1-980A-4C99-A579-4D10409AD899}" = DVDfunSTUDIO
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA75AFFC-C5F3-2497-FE56-48AA163EFE2B}" = CCC Help Russian
"{AB2347E4-153B-4194-AA3B-97C0A662B369}" = PC Connectivity Solution
"{AC073452-EF2A-4333-9FE5-AA97C820813A}" = DirLister
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B3AA1D2E-210C-445F-8822-676DEBB3B9BD}" = Lexware financial office 2006
"{B5C68E1B-A651-33AA-21A6-7CC2D69EEFA2}" = CCC Help Czech
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BC63A4AC-435D-4AAD-9881-D0ED60804D1A}" = Lexware buchhalter Aktualisierung Februar 2008, Version 13.10
"{BE2686A1-ECF2-FF0E-9DF5-EC7A806AEED8}" = Catalyst Control Center Localization Thai
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2CFD52D-1294-40E4-B0AE-0759DC34D8F5}" = Lexware financial office 2006
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2B8406-F144-3B99-F66E-8D1703C9A9C5}" = Catalyst Control Center Graphics Previews Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D4F3A4D4-84B1-3A40-14AA-422DE60EF96A}" = Skins
"{D51D9840-FABE-390B-24D2-D052332B311A}" = Catalyst Control Center Localization Spanish
"{D5C130AB-A7EE-4169-B9BD-DE9CA3DC56DA}" = Lexware online banking 4.80
"{D63F2860-678D-11D4-B355-0010A4F75374}" = PerSono
"{D89AC4DF-7A00-4D0B-BA99-D582C7974A09}" = Nokia PC Suite
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{D9E96902-5743-D105-BCB7-FBD3C0DF3989}" = Catalyst Control Center Localization Swedish
"{DCE27619-6822-0D22-1405-9D2899DC1896}" = Catalyst Control Center Localization Norwegian
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{DF80DB18-7179-EB18-5818-E7F761DA59AE}" = CCC Help Danish
"{E26C402E-01FE-4EF2-964A-AC54734539B7}" = DVD-MovieAlbumSE 4.3
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E698F77C-216C-8409-F4DC-E4AAECF5DEFF}" = Catalyst Control Center Localization Italian
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7DAAF26-A0B0-1D77-0794-20D1314297F1}" = Catalyst Control Center Graphics Light
"{E9E4BB29-FA98-401B-9EDE-9906906E33DE}" = Paragon Festplattenmanager 2006
"{EE565795-2776-415A-B31C-EB3A8D7C6FA4}" = Nokia Lifeblog 2.1
"{F16A317A-6128-39E2-9607-20B5C70132E6}" = Catalyst Control Center Localization Hungarian
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2B34A83-5345-910F-EC0F-0D92A00D6E3B}" = CCC Help Turkish
"{F2BDC47D-18FA-5B10-58C0-9FFBDBE0B031}" = Catalyst Control Center Graphics Full New
"{F3D677C8-612D-F5A8-A22F-2EF74F44000B}" = CCC Help Chinese Traditional
"{F99898C4-4620-404A-915B-01292FA1A657}" = Lexware financial office 2007
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{F9AB0D25-0085-8345-3F1A-5E5C714092B9}" = Catalyst Control Center Localization Danish
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FEFE846E-DF0E-0AC6-0EA0-F85CE63CA275}" = CCC Help German
"{FF748561-FFFE-11D3-A06B-00E02939A7B1}" = dakota.ag
"{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"4CFD94C379217A02D5EA067615FF789CD731BCDB" = Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"DarkSpace" = DarkSpace 1.521
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ERUNT_is1" = ERUNT 1.1j
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.4.0
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PokerStars.net" = PokerStars.net
"QcDrv" = Logitech® Camera-Treiber
"Rainbow Sentinel Driver" = Sentinel System Driver
"Security Task Manager" = Security Task Manager 1.7h
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"STANDARDR" = Microsoft Office Standard 2007
"sv.net" = sv.net
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.08.2010 02:57:23 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 28.08.2010 02:57:23 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .
Error - 28.08.2010 02:57:23 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .
Error - 28.08.2010 11:31:27 | Computer Name = AUTOPRO | Source = MsiInstaller | ID = 1008
Description = Die Installation von C:\Dokumente und Einstellungen\Scott Fountain\Eigene
Dateien\Downloads\windowsdefender.msi ist aufgrund eines Fehlers in der Verarbeitung
der Richtlinie für Softwareeinschränkungen nicht zugelassen. Das Objekt ist nicht
vertrauenswürdig.
Error - 28.08.2010 11:35:03 | Computer Name = AUTOPRO | Source = MsiInstaller | ID = 1008
Description = Die Installation von C:\Dokumente und Einstellungen\Administrator\Eigene
Dateien\Downloads\windowsdefender.msi ist aufgrund eines Fehlers in der Verarbeitung
der Richtlinie für Softwareeinschränkungen nicht zugelassen. Das Objekt ist nicht
vertrauenswürdig.
Error - 28.08.2010 14:32:44 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 28.08.2010 14:32:45 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .
Error - 28.08.2010 14:32:45 | Computer Name = AUTOPRO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .
Error - 28.08.2010 14:54:13 | Computer Name = AUTOPRO | Source = Google Update | ID = 20
Description =
Error - 28.08.2010 15:54:07 | Computer Name = AUTOPRO | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 28.08.2010 14:40:54 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7034
Description = Dienst "Einfache TCP/IP-Dienste" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 28.08.2010 14:40:54 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7034
Description = Dienst "StarMoney 7.0 OnlineUpdate" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 28.08.2010 14:40:55 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7034
Description = Dienst "Ulead Burning Helper" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 28.08.2010 14:40:56 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7034
Description = Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 28.08.2010 14:45:14 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Roxio
Hard Drive Watcher 9.
Error - 28.08.2010 15:06:48 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Roxio
Hard Drive Watcher 9.
Error - 28.08.2010 15:08:11 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
gagp30kx
Error - 28.08.2010 15:29:08 | Computer Name = AUTOPRO | Source = DCOM | ID = 10010
Description = Der Server "{FFF2D28F-E4EE-44D9-8104-8E71556757F6}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 28.08.2010 15:41:09 | Computer Name = AUTOPRO | Source = DCOM | ID = 10010
Description = Der Server "{FFF2D28F-E4EE-44D9-8104-8E71556757F6}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 28.08.2010 15:44:16 | Computer Name = AUTOPRO | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Roxio
Hard Drive Watcher 9.
< End of report >
--- --- --- Da GMER soooooo gross ist und es nur mit Zonealarm zu tun hatte, habe ich es nicht gepostet. Danke Scotty Hallo nochmal, da ich bis jetzt nicht erfahren habe wollte ich nochmal fragen wie ich mit den defogger verfahren sollte. Soll ich denn aus oder wieder einschalten. Danke Scotty |
|
31.08.2010, 20:40
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Meldung beim Start von XP - yise.ero nicht gefunden. Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!
__________________ |
|
| Themen zu Meldung beim Start von XP - yise.ero nicht gefunden. |
| 0x00000001, adobe, antivir, avgntflt.sys, avira, bho, canon, checkpoint, components, conduit, defogger, desktop, downloader, einstellungen, error, excel.exe, explorer, firefox, firefox.exe, format, hijack.shell, home, installation, location, logfile, microsoft office word, mozilla, msiinstaller, nicht gefunden, office 2007, oldtimer, otl logfile, pdfforge toolbar, photoshop, plug-in, port, realtek, registry, richtlinie, rundll, saver, searchplugins, searchsettings.dll, security, security update, shell32.dll, software, spigot, starmoney, studio, superantispyware, system, uleadburninghelper, visual studio, windows internet, windows internet explorer |
Linear-Darstellung
