Skype Virus: "is this your pic h**p://anitapunja.net/photo_id.php"

.Anti. · 06.09.2010, 23:15

Hi

Ich scheine mit einen Trojaner oder sowas in der Richtung eingefangen zu haben (kenne mich da nicht so aus

)

Habe mir das Teil per Skype eingefangen, und zwar bei diesem Link:
"is this your pic h**p://anitapunja.net/photo_id.php"
Und jetzt versucht der Link sich immer per Skype und MSN zu verschicken.

Einen ähnlichen Post gab es bereits hier:
http://www.trojaner-board.de/90043-v...to_id-php.html

Die Maßnahmen haben nur leider nicht geholfen

MfG

PS: Malewarebyte- und OTL-Berichte kommen gleich.

.Anti. · 06.09.2010, 23:17

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4557

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

07.09.2010 00:13:26
mbam-log-2010-09-07 (00-13-26).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 141104
Laufzeit: 8 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

.Anti. · 06.09.2010, 23:18

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 07.09.2010 00:08:14 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 15,11 Gb Free Space | 20,80% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 20,47 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.06 22:15:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools\OTL.exe
PRC - [2010.09.06 19:47:32 | 000,062,464 | RHS- | M] () -- C:\WINDOWS\nvsvc32.exe
PRC - [2010.09.02 20:40:31 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Programme\Steam\steam.exe
PRC - [2010.08.22 13:02:26 | 000,133,432 | ---- | M] (ICQ, LLC.) -- D:\Programme\ICQ7.0\ICQ.exe
PRC - [2010.07.31 23:37:22 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.05.14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.04.29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.07 22:32:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
PRC - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.08.28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.07.21 13:34:30 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 15:48:20 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 12:08:44 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.06.10 12:56:28 | 000,447,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007.06.16 12:50:28 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2005.06.27 14:32:28 | 000,278,528 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) -- D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
PRC - [2004.07.12 09:54:26 | 000,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2004.06.03 10:51:28 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\type32.exe
PRC - [2004.05.04 19:39:04 | 000,117,760 | ---- | M] (TuneUp Software GmbH) -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
PRC - [2004.01.28 09:19:52 | 000,098,304 | ---- | M] (Saitek) -- C:\Programme\Saitek\Software\SaiSmart.exe
PRC - [2004.01.28 09:19:26 | 000,159,744 | ---- | M] (Saitek) -- C:\Programme\Saitek\Software\Profiler.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.06 22:15:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools\OTL.exe
MOD - [2009.08.28 09:25:28 | 000,109,072 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.05.04 19:39:02 | 000,075,776 | ---- | M] () -- C:\Programme\TuneUp WinStyler\WinStylerThemeHelper.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009.09.26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.26 03:31:58 | 000,149,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.08.28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.21 13:34:30 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.25 05:26:40 | 000,303,376 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2009.05.17 22:04:00 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.05.13 15:48:20 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007.01.19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.05.04 19:39:04 | 000,117,760 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultradfg.sys -- (ultradfg)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS -- (MTOnlPktAlyX)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Programme\Acer\eRecovery\int15.sys -- (int15.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys -- (DMSKSSRh)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.25 11:19:04 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.09.23 15:05:06 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2009.09.23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys -- (sftvol)
DRV - [2009.09.23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys -- (sftplay)
DRV - [2009.09.23 15:04:52 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys -- (sftfs)
DRV - [2009.07.30 17:34:10 | 000,296,976 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.07.30 17:34:10 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009.06.15 22:23:50 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.16 20:59:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.05.13 17:46:52 | 000,031,760 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.05.11 09:12:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009.05.05 23:37:52 | 000,026,216 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.03.30 09:33:04 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 11:35:02 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.04 09:27:20 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.12.15 20:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2008.10.31 20:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.04.13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007.10.12 03:40:00 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007.03.09 17:09:54 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.01.31 15:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007.01.18 14:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.10 18:47:12 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006.05.22 06:40:30 | 000,017,152 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.05.05 05:53:30 | 000,985,472 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVerBDA3x.sys -- (AVerA700)
DRV - [2005.11.03 16:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.22 07:38:00 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2005.07.01 06:30:32 | 000,230,272 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005.07.01 06:29:28 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.06.08 08:31:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.06.01 17:40:10 | 000,097,920 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2005.06.01 17:40:10 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2005.03.15 17:04:00 | 000,161,792 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov530vid.sys -- (ovt530)
DRV - [2005.03.04 11:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.12.17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004.01.30 15:29:38 | 000,055,808 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH0464.sys -- (SaiH0464)
DRV - [2004.01.28 09:09:36 | 000,026,624 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiNtBus.sys -- (SaiNtBus)
DRV - [2004.01.28 09:09:34 | 000,015,232 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2000.07.24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "schueler.cc|travian.at|youtube.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.01 03:44:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.07.31 23:37:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.07.31 23:37:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2007.05.01 16:30:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2008.09.05 15:05:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.01 03:44:32 | 000,000,000 | ---D | M]
 
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions
[2010.04.13 14:35:58 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.19 23:50:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 04:39:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.04.18 14:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\youtube2mp3@mondayx.de
[2010.01.14 23:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions
[2010.04.11 18:03:30 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.11 15:12:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.17 14:48:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\Foxdie@tanjihay.com
 
O1 HOSTS File: ([2010.09.06 23:29:34 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Free Quick Keylogger] D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] D:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [ntiMUI] c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
O4 - HKLM..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe (Saitek)
O4 - HKLM..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe (Saitek)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
O4 - HKLM..\Run: [type32] C:\Programme\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UserFaultCheck]  File not found
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ICQ] D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe ()
O4 - HKCU..\Run: [RGSC] D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Steam] d:\programme\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\Registration .LNK = C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383 (WUWebControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005.10.22 07:38:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.01 14:36:42 | 000,000,098 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{88a678a3-9cc9-11df-ae16-000d3aa31867}\Shell\AutoRun\command - "" = F:\Menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.06 23:29:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.06 22:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.06 22:16:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.06 22:15:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
[2010.09.06 16:35:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
[2010.09.06 16:07:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 07:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Neuer Ordner
[2010.09.01 21:27:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.01 04:05:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
[2010.09.01 03:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010.09.01 03:50:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.09.01 03:50:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
[2010.09.01 03:44:21 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.09.01 03:44:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.01 03:43:22 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.09.01 03:43:22 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.09.01 03:43:22 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.09.01 03:40:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.08.21 18:33:32 | 000,000,000 | -HSD | C] -- C:\FOUND.069
[2010.08.20 03:55:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.11 04:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:41:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
[2010.08.11 04:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:39:16 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft Trial
[2010.08.10 05:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Lil Wayne - The Blue Martian [Deluxe Edition] - Mixtape Evolution
[2007.05.31 19:23:56 | 001,673,576 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2007.05.31 19:23:56 | 000,503,144 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2007.05.31 19:23:56 | 000,077,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.06 23:59:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010.09.06 23:59:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2010.09.06 23:57:06 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\kilkv.sys
[2010.09.06 23:57:06 | 000,000,146 | ---- | M] () -- C:\WINDOWS\System32\xdpbe
[2010.09.06 23:46:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010.09.06 23:46:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2010.09.06 23:38:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2010.09.06 23:38:00 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.09.06 23:34:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.06 23:34:46 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.06 23:29:50 | 000,004,661 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.06 23:29:46 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.dat
[2010.09.06 23:29:46 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.ini
[2010.09.06 23:19:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:36 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010.09.06 22:41:00 | 000,012,718 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.06 22:19:30 | 000,505,354 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.06 22:19:30 | 000,481,534 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.06 22:19:30 | 000,104,430 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.06 22:19:30 | 000,087,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.06 22:19:28 | 001,195,698 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.06 22:16:34 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:28 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:28 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:02 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:42 | 000,002,341 | ---- | M] () -- C:\WINDOWS\mdll.dl
[2010.09.06 19:48:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2010.09.06 19:47:32 | 000,062,464 | RHS- | M] () -- C:\WINDOWS\nvsvc32.exe
[2010.09.06 16:34:58 | 000,000,542 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.06 16:07:44 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.02 20:40:56 | 000,071,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.02 20:37:28 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.02 20:29:54 | 000,000,237 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.09.02 17:07:56 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Google Chrome.lnk
[2010.09.01 04:13:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:14 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 03:50:42 | 000,001,880 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:10 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 17:30:56 | 000,031,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.06 23:57:05 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\kilkv.sys
[2010.09.06 23:57:05 | 000,000,146 | ---- | C] () -- C:\WINDOWS\System32\xdpbe
[2010.09.06 23:38:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2010.09.06 23:19:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:54 | 000,000,232 | -H-- | C] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:38 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:38 | 000,000,232 | -H-- | C] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:08 | 000,000,232 | -H-- | C] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:34 | 000,000,232 | -H-- | C] () -- C:\sqmdata14.sqm
[2010.09.06 22:16:32 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:26 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:26 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:26 | 000,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:25 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:25 | 000,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:02 | 000,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:43 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:43 | 000,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:24 | 000,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:01 | 000,000,232 | -H-- | C] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:28 | 000,000,232 | -H-- | C] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:22 | 000,000,232 | -H-- | C] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:15 | 000,000,232 | -H-- | C] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:50 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:50 | 000,000,232 | -H-- | C] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:40 | 000,002,341 | ---- | C] () -- C:\WINDOWS\mdll.dl
[2010.09.06 19:48:39 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:39 | 000,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2010.09.06 19:47:31 | 000,062,464 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe
[2010.09.06 16:34:57 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.02 20:30:40 | 000,159,072 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.01 04:13:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 04:07:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 03:50:40 | 000,001,880 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:08 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 16:34:49 | 000,031,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[2009.12.30 14:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.12.30 14:27:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009.12.04 15:02:54 | 000,132,608 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll
[2009.11.05 21:09:57 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb
[2009.06.15 22:23:49 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.06.15 11:30:37 | 000,002,876 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2009.06.10 14:27:29 | 010,448,896 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2008.12.26 21:41:29 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.12.26 21:27:55 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.12.26 21:27:55 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.06.30 19:50:08 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008.01.13 16:48:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2007.12.24 17:27:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007.08.01 17:29:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.05.31 19:43:44 | 000,703,258 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2007.05.31 19:43:42 | 001,611,772 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2007.05.31 19:43:42 | 000,701,218 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2007.05.31 19:43:40 | 001,610,203 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2007.05.31 19:43:40 | 000,200,646 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2007.05.31 19:43:40 | 000,155,892 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2007.05.31 19:43:38 | 000,044,687 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2007.05.31 19:23:58 | 000,086,401 | ---- | C] () -- C:\Programme\dxupdate.cab
[2007.05.31 19:23:56 | 001,413,862 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2007.05.31 19:23:56 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2007.05.31 19:23:56 | 001,128,177 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2007.05.31 19:23:56 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2007.05.31 19:23:56 | 000,183,321 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,181,745 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,138,977 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,134,631 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2007.05.31 19:23:56 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2007.05.31 19:23:54 | 001,610,958 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2007.05.31 19:23:54 | 001,609,639 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2007.05.31 19:23:54 | 001,575,336 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2007.05.31 19:23:54 | 001,572,114 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2007.05.31 19:23:54 | 001,363,684 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2007.05.31 19:23:54 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2007.05.31 19:23:54 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2007.05.31 19:23:54 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2007.05.31 19:23:54 | 001,085,608 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2007.05.31 19:23:54 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2007.05.31 19:23:54 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2007.05.31 19:23:54 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2007.05.31 19:23:54 | 000,699,465 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2007.05.31 19:23:54 | 000,213,767 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2007.05.31 19:23:54 | 000,199,366 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,198,275 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,193,435 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,192,680 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2007.05.31 19:23:54 | 000,183,863 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,179,247 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,154,825 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,151,583 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,146,559 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,138,195 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,133,297 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,100,417 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2007.05.31 19:23:54 | 000,088,102 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2007.05.31 19:23:54 | 000,056,902 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2007.05.31 19:23:54 | 000,047,018 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2007.05.31 19:23:52 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2007.05.31 19:23:52 | 004,163,518 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2007.05.31 19:23:52 | 001,398,718 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2007.05.31 19:23:52 | 001,348,242 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2007.05.31 19:23:52 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2007.05.31 19:23:52 | 001,116,109 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2007.05.31 19:23:52 | 001,079,850 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2007.05.31 19:23:52 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2007.05.31 19:23:52 | 000,917,318 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2007.05.31 19:23:52 | 000,702,212 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2007.05.31 19:23:52 | 000,180,021 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2007.05.31 19:23:52 | 000,133,991 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2007.05.31 19:23:52 | 000,087,989 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2007.05.31 19:23:52 | 000,046,898 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2007.03.04 21:35:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2007.02.04 11:29:37 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007.02.03 23:04:37 | 000,000,214 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\xpy.ini
[2007.02.02 15:48:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.01.29 16:48:00 | 000,229,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.26 16:50:31 | 000,025,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\wklnhst.dat
[2007.01.26 16:46:15 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.12.24 18:19:50 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2006.12.24 18:19:03 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Samsung.dll
[2006.12.24 18:19:03 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylistSamsung.dll
[2006.12.24 18:18:44 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006.12.24 18:18:44 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006.12.24 18:18:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.12.24 18:18:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006.08.29 16:59:33 | 000,000,237 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006.08.29 16:59:33 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006.08.29 16:59:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006.08.29 16:59:26 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2006.08.29 16:59:26 | 000,009,030 | ---- | C] () -- C:\WINDOWS\HL-2030.INI
[2006.08.29 16:59:26 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2006.08.29 16:59:06 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.08.24 15:50:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.08.24 15:50:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.08.19 12:45:25 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.15 21:24:23 | 000,002,927 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.11 19:57:47 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006.08.08 18:34:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2006.08.04 23:58:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.07.29 16:52:06 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SecurityandPrivacy2.ini
[2006.07.26 16:39:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006.06.10 18:47:10 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.06.10 18:47:10 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.05.17 21:31:20 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2006.04.13 14:38:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll
[2006.02.14 17:03:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.02.12 14:27:40 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Fahrenheit_Screen.ini
[2005.12.27 10:10:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.27 08:09:48 | 000,045,682 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2005.12.27 08:05:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005.10.28 19:32:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.22 07:38:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.10.22 07:34:05 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.10.22 07:34:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.10.22 07:29:22 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.22 07:23:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.10.22 07:13:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
< End of report >

--- --- ---

.Anti. · 06.09.2010, 23:19

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 07.09.2010 00:08:14 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 15,11 Gb Free Space | 20,80% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 20,47 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- d:\programme\t-online\t-online_software_6\browser\browser.exe "%1" (T-Online International AG)
htmlfile [opennew] -- d:\programme\t-online\t-online_software_6\browser\browser.exe "%1" (T-Online International AG)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher
"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII -- ()
"D:\Programme\Xfire\Xfire.exe" = D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found
"D:\Programme\BearShare\BearShare.exe" = D:\Programme\BearShare\BearShare.exe:*:Disabled:BearShare -- File not found
"D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe" = D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\ICQ6\ICQ.exe" = D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"D:\Programme\World of Warcraft\BackgroundDownloader.exe" = D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\Acer\Acer eConsole\MediaSync.exe" = C:\Programme\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Disabled:Media Synchoronizer -- File not found
"C:\WINDOWS\System32\dplaysvr.exe" = C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe" = D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0 -- (T-Online International AG)
"C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe" = C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:SWRepublicCommando -- File not found
"D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\Gamers.IRC\mirc.exe" = D:\Programme\Gamers.IRC\mirc.exe:*:Enabled:mIRC -- File not found
"D:\Programme\LimeWire\LimeWire.exe" = D:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"D:\Programme\Atari\BOILING POINT\Xenus.exe" = D:\Programme\Atari\BOILING POINT\Xenus.exe:*:Enabled:Xenus -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe:*:Enabled:BF2VoipServer -- File not found
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe" = C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"D:\Programme\Valve\hl.exe" = D:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"D:\Programme\Valve\hltv.exe" = D:\Programme\Valve\hltv.exe:*:Enabled:HLTV Launcher -- File not found
"D:\Programme\Counter-Strike 1.6\hl.exe" = D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\Programme\TravManager\TravManager-Client.exe" = C:\Programme\TravManager\TravManager-Client.exe:*:Enabled:TravManager -- File not found
"D:\Programme\Mozilla Firefox\TravManager-Client.exe" = D:\Programme\Mozilla Firefox\TravManager-Client.exe:*:Enabled:TravManager -- File not found
"D:\Programme\TravManager\TravManager.exe" = D:\Programme\TravManager\TravManager.exe:*:Enabled:TravManager -- File not found
"D:\Programme\GSC Game World\Cossacks II\Data\engine.exe" = D:\Programme\GSC Game World\Cossacks II\Data\engine.exe:*:Enabled:Cossacks 2: Napoleonic Wars -- File not found
"D:\Programme\Azureus\Azureus.exe" = D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- (Azureus Inc)
"D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe" = D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War -- (Lucasfilm Entertainment Company, Ltd.)
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe" = C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends -- (Big Huge Games, Inc.)
"D:\Programme\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- File not found
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\TMbot\TM.EXE" = C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot -- (TMbot.net)
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"D:\Programme\League of Legends\Air\LolClient.exe" = D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()
"D:\Programme\League of Legends\Game\League of Legends.exe" = D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Dokumente und Einstellungen\Ich\Desktop\P18943431.JPG-www.facebook.exe" = C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}" = SST Programming Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0684EECC-380C-4B97-8C51-5BDB9E4D679C}" = ArcSoft Software Suite
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0863885D-E64B-9E5A-9747-03321A2D2A49}" = CCC Help Korean
"{0C40E716-2558-01E2-4797-484E4CCB2500}" = Catalyst Control Center Localization All
"{10FDD69C-2428-0FFB-12A2-2A6907D6282F}" = CCC Help Japanese
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{139DEC1F-D380-EB76-B0DF-88BC99B3B7BB}" = Catalyst Control Center Graphics Light
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - Deutsch
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2347E903-6299-A99F-C46C-05EB55912539}" = CCC Help Chinese Traditional
"{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}" = T-Online Router Web-IF Management
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{289CA3B4-9525-4B31-B58F-D76B2B52EA5A}" = SamsungMediaStudio
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2B3A996D-CCBF-3D62-B0AD-EA05553D3CEE}" = CCC Help Chinese Standard
"{2BB99C64-7631-4AE9-A76F-ABAECFB723AF}" = Star Wars Battlefront II PS2 Server
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{300D2ECE-DA75-1623-871F-935A205FC450}" = CCC Help German
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}" = Pacz
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF8A8A5-B3EA-6073-0457-669CC1E929C8}" = CCC Help Hungarian
"{501C0FDB-DCA5-E211-956C-26ADC4C54B66}" = Catalyst Control Center Core Implementation
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{57F85CF9-B9EF-6C77-8095-A2CF95738099}" = CCC Help Danish
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{63369BBA-62FD-4AC0-8049-69F2E24B180E}" = Brother HL-2030
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63A17691-ABC0-E86F-5D7A-A2F7EE36145E}" = CCC Help Dutch
"{6501E9B8-77C7-7D81-7F1A-4C2D7E36B403}" = CCC Help Italian
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE7F94E-7AF8-421F-9A19-04681A099AE3}" = TuneUp WinStyler
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A5824D-08E9-9A96-2104-19E4FE86E5FA}" = CCC Help Spanish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7907CAB0-6C4F-C554-34EA-93EAC98B42F9}" = CCC Help Turkish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F5A0E78-2B5A-4689-A91D-D60D83FC45E1}" = TM507 Webcam
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{82982D26-D60E-27D8-361F-F14A8F6440E7}" = Catalyst Control Center HydraVision Full
"{87934EAD-CE6F-16C6-6004-73E092AA15A6}" = Catalyst Control Center Graphics Previews Common
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89B80F72-CCD0-95C3-21CB-89BA03D98155}" = CCC Help Finnish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{906D95BA-4515-59A5-F2E4-072B1E73BB75}" = CCC Help English
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8BE52A-2C9A-91F2-310E-560CCE4FD247}" = CCC Help Russian
"{A0D62771-4353-8D52-44B8-0FCFF07D5FF1}" = ccc-core-preinstall
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A2023936-7D17-417D-8E8C-BD0062827D7B}" = Star Wars Battlefront II PC Server
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE78AD-093F-57F1-280D-A31B0C1C1425}" = CCC Help Greek
"{A41A9C99-0029-783E-40C3-3AA0D1A6535D}" = CCC Help Polish
"{A680CE58-7B2C-9A45-D05F-5AC22DFA2F76}" = CCC Help Portuguese
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A97B911E-8B1F-3B0F-F3D1-63B04084CC0F}" = Skins
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AD3AE2EE-E0DB-7818-3F05-7E8B2FB22C49}" = CCC Help Norwegian
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B414174C-97E4-9E8B-018E-AC77055D0107}" = CCC Help Thai
"{B6D0AACC-1F01-A901-5348-FF3599EFE70D}" = CCC Help French
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}" = NTI HomeVideo-Maker
"{B98604A2-5229-CBE6-98A4-A6D7C63B7458}" = ccc-utility
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP3c
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBD1A47D-691E-56C2-AC6A-1B3F80E3EC14}" = CCC Help Swedish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D34313F7-B5E2-D3AF-FBB1-EF3ED1DEF5AB}" = CCC Help Czech
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{E3A6437F-DE5B-6F3E-7BB3-39185D0BBDCE}" = ccc-core-static
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB1446FB-A3EF-D04D-C224-EEC74F11805F}" = Catalyst Control Center Graphics Full New
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F27483DD-A574-441E-AC55-69625B58D562}" = Brother HL-2035
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FE931AAE-B6D9-8A02-60C7-EF4862306F58}" = Catalyst Control Center Graphics Full Existing
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"3268-0050-5993-6102" = TMbot 2.3.0.0
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"678B5665-C9E7-4853-91C9-05A2FD16B179_is1" = Registry CleanUP 2007 1.5
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AdvancedRemoteInfo_is1" = AdvancedRemoteInfo
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM)" = AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM) 3.5.0.20
"AVGantiRootkit" = AVG Anti-Rootkit Free
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)
"Cossacks : Back To War" = Cossacks - Back To War
"Counter-Strike 1.6_is1" = Counter-Strike 1.6
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Quick Keylogger" = Free Quick Keylogger
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Freez FLV to MP3 Converter V1.2_is1" = Freez FLV to MP3 Converter
"Gamers.IRC" = Gamers.IRC 5.00
"GameSpy Arcade" = GameSpy Arcade
"guelcan_und_collien_screensaver.scr" = guelcan_und_collien_screensaver
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype (BETA)
"Source Violence Patch 1.5 BETA v2_is1" = Source Violence Patch 1.5 BETA
"ST5UNST #1" = Hear! 1.3
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"TMbot_0" = TMbot 2.7.9
"UltraDefrag" = Ultra Defragmenter
"Uninstall_is1" = Uninstall 1.0.0.1
"VP3 Codec Version 3.2.6.1" = VP3 Codec Version 3.2.6.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"World of Warcraft Trial" = Probeversion von World of Warcraft
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.09.2010 14:24:13 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:24:13 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:28:39 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:45:01 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description = 
 
[ System Events ]
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Bonjour-Dienst" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "ICQ Service" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Service Agent" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "SecuROM User Access Service (V7)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:20 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Client" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:20 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:35:08 | Computer Name = FINN | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume2" ist im 
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
 wurde angehalten.
 
Error - 06.09.2010 17:36:23 | Computer Name = FINN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "int15.sys" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 06.09.2010 17:37:37 | Computer Name = FINN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   gagp30kx  PCIIde  viaagp1  ViaIde
 
 
< End of report >

--- --- ---

john.doe · 07.09.2010, 17:42

Hallo .Anti. und

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.

Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

1.) Lade die Dateien

Zitat:

C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\WINDOWS\System32\drivers\kilkv.sys

bitte bei uns hoch. Die Dateien sind z.T. nicht sichtbar. Markiere jeweils eine Zeile in der Box, kopiere sie und füge sie im Uploadchannel ein. => http://www.trojaner-board.de/54791-a...ner-board.html

2.) Von Malwarebytes möchte ich einen vollständigen Scan. Vor dem Scan updaten.

3.) Deinstalliere alle Antivirenprogramme bis auf Eines (egal ob AVG, Avira oder Kaspersky). Setze die Removaltools der Hersteller ein.

4.) Poste beide Logs von RSIT => http://www.trojaner-board.de/74910-a...tion-tool.html

ciao, andreas

.Anti. · 07.09.2010, 19:25

Hi!

Danke erstmal für deine Hilfe

Also, ich habe

Zitat:

C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe

hochgeladen, die beiden anderen Dateien konnte ich leider nicht finden, obwohl ich versteckte Dateien, etc eingeschaltet habe.
Das könnte evtl. daran liegen, dass ich den ganzen Tag schon alle möglichen Virenscanner durchlaufen lasse, die alle die ein oder andere Datei löschen.

Werde mich jetzt an die Scans machen.

MfG Finn

PS: Wo sieht man die hochgeladene Datei? Eure Seite war down, während ich geuploaded habe... Es kam jedoch eine Bestätigung, dass der Upload erfolgreich war.

john.doe · 07.09.2010, 20:04

Zitat:

Wo sieht man die hochgeladene Datei?

Du gar nicht, sie ist aber angekommen und war wie erwartet sauber. Die anderen beiden waren garantiert Schädlinge.

Zitat:

die alle die ein oder andere Datei löschen.

Die dürften jetzt nicht mehr in den RSIT-Logs auftauchen. Hast du die Logs von den Löschungen noch? Wären schon wichtig.

ciao, andreas

.Anti. · 07.09.2010, 20:07

Ich schaue gleich mal nach den alten Logs...

Der Malwarebyte Bericht wird glaub ich noch eine Weile dauern, scannt jetzt schon 40min...

Kann ich den RSIT-Scan gleichzeitig laufen lassen?

LG

john.doe · 07.09.2010, 20:08

Zitat:

Kann ich den RSIT-Scan gleichzeitig laufen lassen?

Ja.

ciao, andreas

.Anti. · 07.09.2010, 20:15

info.txt (RSIT)

[QUOTE]info.txtRSIT Logfile:

Code:

ATTFilter

logfile of random's system information tool 1.08 2010-09-07 21:12:56

======Uninstall list======

-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{52739387-B81C-4C55-9593-EB7A1044A657}\Setup.exe" -L0x7
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DMark05-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}\setup.exe" -l0x9  -removeonly
3DMark06-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9  -removeonly
Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
AdvancedRemoteInfo-->"C:\Programme\AdvancedRemoteInfo\unins000.exe"
Anno 1701-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A2433A63-5F5D-40E5-B529-9123C2B3E734}\setup.exe" -l0x7  -removeonly
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0684EECC-380C-4B97-8C51-5BDB9E4D679C}\setup.exe" -l0x7 
Ask Toolbar-->"C:\Programme\AskBarDis\unins000.exe"
Assassin's Creed-->C:\Programme\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly
ATI - Dienstprogramm zur Deinstallation der Software-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe" 
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM) 3.5.0.20-->C:\Programme\AVerMedia\AVerMedia A700 (DVB-S and NTSC_PAL_SECAM_FM)\uninst.exe
AVG Anti-Rootkit Free-->D:\Programme\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Azureus-->D:\Programme\Azureus\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brother HL-2030-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63369BBA-62FD-4AC0-8049-69F2E24B180E}\SETUP.exe" -l0x7  -removeonly /uninst 
Brother HL-2035-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F27483DD-A574-441E-AC55-69625B58D562}\SETUP.exe" -l0x7  -removeonly /uninst 
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Cossacks - Back To War-->C:\WINDOWS\una2setup.exe
Counter-Strike 1.6-->"D:\Programme\Counter-Strike 1.6\unins000.exe"
Counter-Strike: Source-->"D:\Programme\Steam\steam.exe" steam://uninstall/240
DAEMON Tools Toolbar-->C:\Programme\DAEMON Tools Toolbar\uninst.exe
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
Fraps-->"D:\Programme\Fraps\uninstall.exe"
Free Audio CD Burner version 1.4-->"C:\Programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free Studio version 4.2-->"C:\Programme\DVDVideoSoft\Free Studio\unins000.exe"
Free YouTube to MP3 Converter version 3.8-->"D:\Programme\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
Freez FLV to AVI/MPEG/WMV Converter-->"D:\Programme\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Freez FLV to MP3 Converter-->"D:\Programme\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
Gamers.IRC 5.00-->D:\Programme\Gamers.IRC\uninstall.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\programme\google\googletoolbar3.dll"
Grand Theft Auto IV-->"C:\Programme\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
guelcan_und_collien_screensaver-->C:\WINDOWS\guelcan_und_collien_screensaver.scr /U
Hear! 1.3-->C:\WINDOWS\ST5UNST.EXE -n "c:\Programme\Hear!1.3\ST5UNST.LOG"  
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
ICQ Toolbar-->C:\Programme\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7-->"C:\Programme\InstallShield Installation Information\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UD:\Programme\Lame MP3 Codec\IFU46.inf
League of Legends-->"D:\Programme\League of Legends\unins000.exe"
Malwarebytes' Anti-Malware-->"D:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Max Payne 2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\setup.exe" -l0x7 
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 German Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 German Language Pack\setup.exe
Microsoft .NET Framework 3.0 German Language Pack-->MsiExec.exe /X{F2A7F421-1679-48D5-B918-96999014ED53}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Click-to-Run 2010 (Beta)-->"C:\PROGRA~1\GEMEIN~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Click-to-Run 2010 (Beta)-->MsiExec.exe /I{20140000-006D-0407-0000-0000000FF1CE}
Microsoft Office Home and Business 2010 (Beta) - Deutsch-->C:\Programme\Gemeinsame Dateien\microsoft shared\virtualization handler\cvhbs.exe /uninstall {20140062-0062-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office XP Standard-->MsiExec.exe /I{90120407-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{B26E3B0D-C2FA-4370-B068-7C476766F029}
mIRC-->"D:\Programme\Gamers.IRC\mirc.exe" -uninstall
Mozilla Firefox (3.5.11)-->D:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.24)-->C:\Programme\Mozilla Thunderbird\uninstall\helper.exe
Mp3tag v2.46a-->D:\Programme\Mp3tag\Mp3tagUninstall.EXE
MSN-->C:\Programme\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{F1FDAA01-988C-423F-AC12-0D8F333943FD}
Nokia Ovi Player-->MsiExec.exe /I{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{A0D65C73-F2C5-432F-8788-90F8A2E99B98}
Nokia Ovi Suite-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{8070452B-15D6-4169-B9B9-FCC3B54588AD}
Nokia Software Updater-->MsiExec.exe /X{EF4F620F-F295-41D7-92C0-6B635709C850}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{70B31335-50EE-4834-8431-27412CDE62BD}
Norton 360-->C:\Programme\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\A5E82D02\4.0.0.127\InstStub.exe /X
NTI HomeVideo-Maker-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}\setup.exe" -l0x7 
Ovi Desktop Sync Engine-->MsiExec.exe /X{2D10FC46-1D96-44C4-8855-85F21B9B011E}
OviMPlatform-->MsiExec.exe /I{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}
Pacz-->MsiExec.exe /X{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}
Pando Media Booster-->C:\Programme\Pando Networks\Media Booster\uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{29F563F4-8807-4496-8463-441EAA0E96AB}
PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
Prime95-->"D:\Programme\Prime95\Uninstall.exe" "D:\Programme\Prime95\install.log"
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x7 REMOVE -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x7  -removeonly
Registry CleanUP 2007 1.5-->"D:\Programme\S.A.D\Registry CleanUP 2007\unins000.exe"
Rise Of Legends-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CADDE354-C78C-46CB-A006-E2B178EFC271} 
SamsungMediaStudio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{289CA3B4-9525-4B31-B58F-D76B2B52EA5A}\Setup.exe" -l0x9 
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
SiSoftware Sandra Lite 2009.SP3c-->"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\unins000.exe"
Skype (BETA)-->"C:\Programme\Skype\Phone\unins000.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Source Violence Patch 1.5 BETA-->"c:\programme\steam\Steamapps\weithoff007\unins000.exe"
SST Programming Software-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}\setup.exe" AddRem
Star Wars Battlefront II PC Server-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A2023936-7D17-417D-8E8C-BD0062827D7B}\Setup.exe" -l0x9 
Star Wars Battlefront II PS2 Server-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2BB99C64-7631-4AE9-A76F-ABAECFB723AF}\Setup.exe" -l0x9 
Star Wars Empire at War-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x7  -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->D:\Programme\Teamspeak2_RC2\unins000.exe
TeamViewer 4-->C:\Programme\TeamViewer\Version4\uninstall.exe
TM507 Webcam-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7F5A0E78-2B5A-4689-A91D-D60D83FC45E1}\Setup.exe" -l0x7 
TMbot 2.3.0.0-->C:\Programme\TMbot\uninstall.exe
TMbot 2.7.9-->D:\Programme\TMbot\Uninstall.exe
T-Online 6.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}\setup.exe" CPAS
T-Online Router Web-IF Management-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}\Setup.exe" -L0x7
TuneUp WinStyler-->MsiExec.exe /I{6FE7F94E-7AF8-421F-9A19-04681A099AE3}
Ultra Defragmenter-->"C:\WINDOWS\UltraDefrag\uninstall.exe"
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update für Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Update für Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VP3 Codec Version 3.2.6.1-->D:\Programme\VP3 Codec\Uninstal.exe
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (DEU)-->MsiExec.exe /X{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPINST.EXE /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C710CEED791003E4D635992B02471584893356A0\amdk8.inf
Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
WinRAR-->D:\Programme\WinRAR\uninstall.exe
Xfire (remove only)-->"D:\Programme\Programme\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->D:\Programme\XviD\unins000.exe

======Hosts File======

::1       localhost

======Security center information======

AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Norton 360
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: AntiVir Desktop
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Kaspersky Anti-Virus
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
FW: Norton 360

======System event log======

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81805
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User: 

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81804
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User: 

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81803
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User: 

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81802
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User: 

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81801
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User: 

=====Application event log=====

Computer Name: FINN
Event Code: 1
Message: 
Record Number: 3053
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User: 

Computer Name: FINN
Event Code: 1
Message: 
Record Number: 3052
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User: 

Computer Name: FINN
Event Code: 1
Message: 
Record Number: 3051
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User: 

Computer Name: FINN
Event Code: 1
Message: 
Record Number: 3050
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User: 

Computer Name: FINN
Event Code: 1
Message: 
Record Number: 3049
Source Name: OviSuite
Time Written: 20100901132059.000000+120
Event Type: Fehler
User: 

=====Security event log=====

Computer Name: FINN
Event Code: 576
Message: Besondere Rechte bei neuer Anmeldung:

	Benutzername:	

	Domäne:		

	Anmeldekennung:		(0x0,0x2000C)

	Berechtigungen:		SeChangeNotifyPrivilege
			SeBackupPrivilege
			SeRestorePrivilege
			SeDebugPrivilege

Record Number: 215461
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: FINN\Ich

Computer Name: FINN
Event Code: 528
Message: Erfolgreiche Anmeldung:

	Benutzername:	Ich

	Domäne:		FINN

	Anmeldekennung:		(0x0,0x2000C)

	Anmeldetyp:	2

	Anmeldevorgang:	Advapi  

	Authentifizierungspaket:	Negotiate

	Name der Arbeitsstation:	FINN

	Anmelde-GUID:	-

Record Number: 215460
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: FINN\Ich

Computer Name: FINN
Event Code: 680
Message: Anmeldversuch von: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

Anmeldekonto:  Ich

Arbeitsstation: FINN

Fehlercode: 0x0


Record Number: 215459
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\SYSTEM

Computer Name: FINN
Event Code: 806
Message: Die Benutzerrichtlinienüberwachung wurde aktualisiert.

	Anzahl der Elemente:	0

	Richtlinienkennung:	(0x0,0x1F611)


Record Number: 215458
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\SYSTEM

Computer Name: FINN
Event Code: 576
Message: Besondere Rechte bei neuer Anmeldung:

	Benutzername:	

	Domäne:		

	Anmeldekennung:		(0x0,0x3E5)

	Berechtigungen:		SeAuditPrivilege
			SeAssignPrimaryTokenPrivilege
			SeChangeNotifyPrivilege

Record Number: 215457
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\LOKALER DIENST

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Programme\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\DivX Shared\;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;D:\Programme\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAN_DIR"=D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c
"CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

--- --- ---

.Anti. · 07.09.2010, 20:15

log.txt (RSIT)

RSIT Logfile:

Code:

ATTFilter

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ich at 2010-09-07 21:11:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (19%) free of 74 GB
Total RAM: 1534 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:12:50, on 07.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Norton 360\Engine\4.0.0.127\ccSvcHst.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Microsoft IntelliPoint\ipoint.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
C:\Programme\Norton 360\Engine\4.0.0.127\ccSvcHst.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Skype\Phone\Skype.exe
D:\Programme\ICQ7.0\ICQ.exe
D:\Programme\Mozilla Firefox\firefox.exe
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\trend micro\Ich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\4.0.0.127\IPSBHO.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 11596 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Programme\Norton 360\Engine\4.0.0.127\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar3.dll [2007-01-19 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar3.dll [2007-01-19 2427968]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-04 683464]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"type32"=C:\Programme\Microsoft IntelliType Pro\type32.exe [2004-06-03 172032]
"ToADiMon.exe"=D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-01 14477312]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-07-01 69632]
"IntelliPoint"=C:\Programme\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"QuickTime Task"=D:\Programme\QuickTime\QTTask.exe [2009-11-11 417792]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-05-14 248552]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-16 68856]
"Google Update"=C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 133104]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Steam"=d:\programme\steam\steam.exe [2010-09-02 1242448]
"ICQ"=D:\Programme\ICQ7.0\ICQ.exe [2010-08-22 133432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"=C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Quick Keylogger]
D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe /AUTORUN []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware  (reboot)]
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
C:\Programme\Saitek\Software\Profiler.exe [2004-01-28 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
C:\Programme\Saitek\Software\SaiSmart.exe [2004-01-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe -d 803617 -l german -r 7 -g  -c us -i 2309 []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE
Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart
WKCALREM.LNK - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS"
"D:\Programme\Xfire\Xfire.exe"="D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Programme\BearShare\BearShare.exe"="D:\Programme\BearShare\BearShare.exe:*:Disabled:BearShare"
"D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe"="D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\ICQ6\ICQ.exe"="D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\Programme\World of Warcraft\BackgroundDownloader.exe"="D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\Acer\Acer eConsole\MediaSync.exe"="C:\Programme\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Disabled:Media Synchoronizer"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe"="C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:SWRepublicCommando"
"D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\Gamers.IRC\mirc.exe"="D:\Programme\Gamers.IRC\mirc.exe:*:Enabled:mIRC"
"D:\Programme\LimeWire\LimeWire.exe"="D:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"D:\Programme\Atari\BOILING POINT\Xenus.exe"="D:\Programme\Atari\BOILING POINT\Xenus.exe:*:Enabled:Xenus"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe:*:Enabled:hl2"
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded"
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe:*:Enabled:BF2VoipServer"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe"="C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Programme\TeamViewer\Version4\TeamViewer.exe"="C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"D:\Programme\Valve\hl.exe"="D:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Valve\hltv.exe"="D:\Programme\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"D:\Programme\Counter-Strike 1.6\hl.exe"="D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Programme\TravManager\TravManager-Client.exe"="C:\Programme\TravManager\TravManager-Client.exe:*:Enabled:TravManager"
"D:\Programme\Mozilla Firefox\TravManager-Client.exe"="D:\Programme\Mozilla Firefox\TravManager-Client.exe:*:Enabled:TravManager"
"D:\Programme\TravManager\TravManager.exe"="D:\Programme\TravManager\TravManager.exe:*:Enabled:TravManager"
"D:\Programme\GSC Game World\Cossacks II\Data\engine.exe"="D:\Programme\GSC Game World\Cossacks II\Data\engine.exe:*:Enabled:Cossacks 2: Napoleonic Wars"
"D:\Programme\Azureus\Azureus.exe"="D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe"="D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War"
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"D:\Programme\ICQ6.5\ICQ.exe"="D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Steam\Steam.exe"="C:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Programme\TMbot\TM.EXE"="C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Programme\Anno 1701\Anno1701.exe"="D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"D:\Programme\League of Legends\Air\LolClient.exe"="D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Programme\League of Legends\Game\League of Legends.exe"="D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Dokumente und Einstellungen\Ich\Desktop\P18943431.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2010-09-07 21:12:19 ----D---- C:\Programme\trend micro
2010-09-07 21:11:23 ----D---- C:\rsit
2010-09-07 18:27:11 ----D---- C:\WINDOWS\LastGood
2010-09-07 17:06:29 ----D---- C:\WINDOWS\system32\Adobe
2010-09-07 17:00:36 ----RA---- C:\WINDOWS\system32\GEARAspi.dll
2010-09-07 17:00:36 ----RA---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2010-09-07 17:00:31 ----D---- C:\Programme\Symantec
2010-09-07 17:00:31 ----D---- C:\Programme\Gemeinsame Dateien\Symantec Shared
2010-09-07 17:00:31 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-09-07 17:00:31 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-09-07 16:59:43 ----D---- C:\WINDOWS\system32\drivers\N360
2010-09-07 16:59:37 ----D---- C:\Programme\Windows Sidebar
2010-09-07 16:59:37 ----D---- C:\Programme\Norton 360
2010-09-07 16:59:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 16:59:12 ----D---- C:\Programme\NortonInstaller
2010-09-07 16:56:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 23:29:18 ----D---- C:\_OTL
2010-09-06 22:16:47 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:28 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-06 22:16:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-06 16:35:22 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 16:07:54 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 20:38:39 ----A---- C:\WINDOWS\ModemLog_Standardmodem über Bluetooth-Verbindung.txt
2010-09-01 21:27:52 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 04:12:41 ----HD---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-01 04:06:53 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2010-09-01 03:50:49 ----D---- C:\WINDOWS\Globalization
2010-09-01 03:50:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 03:44:21 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-01 03:44:11 ----D---- C:\Programme\PC Connectivity Solution
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-01 03:40:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 18:33:32 ----SHD---- C:\FOUND.069
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\java.exe
2010-08-11 04:42:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 04:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-11 04:39:16 ----D---- C:\Programme\World of Warcraft Trial

======List of files/folders modified in the last 1 months======

2010-09-07 17:13:46 ----RSH---- C:\boot.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\win.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\system.ini
2010-09-06 22:19:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-02 20:29:54 ----A---- C:\WINDOWS\Brownie.ini
2010-09-01 04:07:14 ----A---- C:\WINDOWS\imsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\WINDOWS\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 SI3112r;ATI-437A Serial ATA Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-06-01 10240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-15 717296]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BHDrvx86;BHDrvx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-03-09 271360]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-06-10 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 AVerA700;A700 service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth-Modemkommunikationstreiber; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-19 26600]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100906.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-01 3134976]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NAVENG;NAVENG; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100906.024\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100906.024\NAVEX15.SYS []
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-22 6144]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-12-04 27784]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-01-28 15232]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-01-28 26624]
R3 sftfs;sftfs; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys []
R3 sftplay;sftplay; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys []
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
R3 sftvol;sftvol; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys []
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\N360\0400000.07F\SRTSP.SYS [2009-12-03 325168]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\N360\0400000.07F\SYMTDI.SYS [2009-11-22 362032]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-07-01 230272]
S0 gagp30kx;Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
S0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
S2 int15.sys;int15.sys; \??\C:\Programme\Acer\eRecovery\int15.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 EraserUtilDrv11010;EraserUtilDrv11010; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrv11010.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 ovt530;TM507A USB Camera; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH0464;SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 ultradfg;ultradfg; C:\WINDOWS\System32\DRIVERS\ultradfg.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cvhsvc;Client Virtualization Handler; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 N360;Norton 360; C:\Programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 sftlist;Application Virtualization Client; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
R2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe [2004-05-04 117760]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-11 221184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 sftvsa;Application Virtualization Service Agent; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office  Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [2009-05-17 98488]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

--- --- ---

john.doe · 07.09.2010, 20:26

Zitat:

D:\Programme\WideStep Software\Free Quick Keylogger

Freiwillig installiert? Du weißt, was ein Keylogger macht?

ciao, andreas

.Anti. · 07.09.2010, 20:38

Ja ich weiß, was ein Keylogger ist und nein, nicht freiwillig installiert... bin ja nicht blöd

Ist der noch drauf, oder bereits gelöscht?

john.doe · 07.09.2010, 20:54

Er befindet sich noch in deiner Softwareliste.

Zitat:

"Free Quick Keylogger" = Free Quick Keylogger

Und die Starteinträge sind auch noch zu sehen.

Zitat:

O4 - HKLM..\Run: [Free Quick Keylogger] D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe

Ich habe mir gerade die Beschreibung für den Keylogger durchgelesen.

a) Alle deine Tasteneingaben wurden protokolliert. Damit sind auch alle deine Kennwörter bekannt.
b) Alle eingehenden und ausgehenden Emails, sowie Instant Messenger wurden protokolliert.
c) Alle User, die an dem Rechner gearbeitet haben, wurden überwacht.

Möchtest du überhaupt noch weitermachen oder wählst du lieber den schnelleren Weg => http://www.trojaner-board.de/51262-a...sicherung.html

ciao, andreas

.Anti. · 07.09.2010, 21:02

Also im Arbeitsplatz finde ich den nicht mehr.
Norton 360 hat den glaube ich auch gelöscht, hier der Bericht:

Zitat:

Scanstatistik:
Scanzeit: 6805 Sekunden
Scanoptionen:
Scanziele: C:\, D:\, E:\
Zähler:
Gescannte Elemente insgesamt: 668.806
– Dateien und Laufwerke: 658.901
– Registrierungseinträge: 597
– Prozesse und Elemente beim Start: 4.731
– Netzwerk und Browser-Elemente: 4.570
– Sonstiges: 5
– Vertrauenswürdige Dateien: 0
– Übersprungene Dateien: 24

Erkannte Sicherheitsrisiken insgesamt: 2
Behobene Elemente insgesamt: 2
Elemente insgesamt, die Aufmerksamkeit erfordern: 0

Behobene Bedrohungen:
Spyware.QuickKeylogger
Typ: Anomalie
Risiko: Hoch (Hoch Verbergen, Hoch Entfernen, Gering Leistung, Hoch Datenschutz)
Kategorien: Spyware
Status: Vollständig behoben
-----------
3 Registrierungseinträge
HKEY_LOCAL_MACHINE\SOFTWARE\Free Quick Keylogger - Gelöscht
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Quick Keylogger - Gelöscht
HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Free Quick Keylogger - Gelöscht

Suspicious.Lop.2
Typ: Anomalie
Risiko: Hoch (Hoch Verbergen, Hoch Entfernen, Hoch Leistung, Hoch Datenschutz)
Kategorien: Heuristikvirus
Status: Vollständig behoben
-----------
1 Datei
d:\programme\lucasarts\star wars battlefront ii pc server\swbf2sm.exe - Gelöscht
1 Browser-Cache

Nicht behobene Bedrohungen:
Keine nicht behobenen Risiken

Skype Virus: "is this your pic h**p://anitapunja.net/photo_id.php"

Plagegeister aller Art und deren Bekämpfung: Skype Virus: "is this your pic h**p://anitapunja.net/photo_id.php"