| |  Erst TAN-Trojaner, nun funktioniert Windows Update nicht mehr
 Hallo miteinander,
ich hatte vor ein paar Tagen plötzlich TAN-Abfragen nach dem Einloggen ins Onlinebanking (Postbank und Fiducia-System von Raiffeisenbanken) vor mir. Dort sollte ich jeweils gleich 40 bzw. 20 TANs eingeben. Außerdem war Firefox ungewöhnlich langsam beim Starten, Bedienen und beim Öffnen von Seiten ...
Ich habe danach direkt volle Scans mit Spybot S+D, MS Security Essentials (mein Standard-Virenprogramm) und Malwarebytes durchgeführt. Spybot und Malwarebytes haben ein paar Probleme gefunden (4-5), die behoben werden konnten. Leider kann ich mich nicht mehr genau entsinnen, was es für Trojaner waren. (Auf Anfrage kann ich aber mal nach den Logs gucken, wenn das interessant sein sollte.)
Danach hatte ich keine Probleme mehr. Firefox war wieder auf normaler Geschwindigkeit und die TAN-Abfragen kamen nicht mehr vor.
Nun habe ich allerdings das Problem, dass sich keine Windows Updates mehr installieren lassen. Sowohl per Windows Update als auch bei manueller Installation der einzelnen Hotfixes schlagen diese mit Code 800736B3 fehl. Ich habe bereits einige Dinge versucht: - Systemupdate-Vorbereitungstool für Windows 7 x64 erfolgreich installiert: hxxp://support.microsoft.com/kb/947821
- volle MSRT-Scans gemacht wie hier beschrieben: hxxp://www.vistaheads.com/forums/microsoft-public-windowsupdate/342498-error-code-800736b3.html#post1195635
Leider ohne Erfolg, ich bekomme immernoch den Fehlercode 800736B3 beim Installieren. Deshalb vermute ich nun, dass dies mit Schadsoftware zusammenhängen könnte.
Also dann mal los:
Malwarebytes: Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4655
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
20.09.2010 10:45:48
mbam-log-2010-09-20 (10-45-48).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 141564
Laufzeit: 4 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
| OTL: Zitat:
vigOTL logfile created on: 20.09.2010 10:47:31 - Run 2
OTL by OldTimer - Version 3.2.14.0 Folder = C:\Users\***\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 14,46 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 37,48 Gb Free Space | 74,95% Space Free | Partition Type: NTFS
Drive E: | 50,01 Gb Total Space | 33,99 Gb Free Space | 67,95% Space Free | Partition Type: NTFS
Drive F: | 100,01 Gb Total Space | 40,83 Gb Free Space | 40,83% Space Free | Partition Type: NTFS
Drive G: | 100,01 Gb Total Space | 47,18 Gb Free Space | 47,18% Space Free | Partition Type: NTFS
Drive H: | 50,01 Gb Total Space | 16,07 Gb Free Space | 32,14% Space Free | Partition Type: NTFS
Drive I: | 400,00 Gb Total Space | 283,65 Gb Free Space | 70,91% Space Free | Partition Type: NTFS
Drive J: | 132,63 Gb Total Space | 64,12 Gb Free Space | 48,35% Space Free | Partition Type: NTFS
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\HijackThis\HijackThis.exe (Trend Micro Inc.)
PRC - D:\Songbird\songbird.exe (POTI, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - D:\Secunia\PSI\psi.exe (Secunia)
PRC - D:\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
PRC - D:\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - D:\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - D:\PCTV Systems\TVCenter\TVCenter.exe (PCTV Systems S.à r.l.)
PRC - C:\Program Files (x86)\Common Files\PCTV Systems\PVR\VideoControl.exe (PCTV Systems S.à r.l.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe (PCTV Systems S.à r.l.)
PRC - D:\Notepad++\notepad++.exe (Don HO don.h@free.fr)
PRC - D:\stickies\stickies.exe (Zhorn Software)
PRC - C:\Program Files (x86)\Extensis\Suitcase Fusion 2\FMCore.exe (Extensis a division of Celartem, Inc.)
PRC - D:\Razer\Diamondback\Razer\Diamondback\razerhid.exe ()
PRC - D:\Lavalys\EVEREST Ultimate Edition\everest.exe (Lavalys, Inc.)
PRC - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - D:\WinSplit Revolution\WinSplit.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - D:\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - D:\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - D:\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - D:\Launchy\Launchy.exe ()
PRC - D:\Razer\Diamondback\Razer\Diamondback\razerofa.exe (Razer Inc.)
PRC - D:\Razer\Diamondback\Razer\Diamondback\razertra.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\HidInputFilter.dll ()
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll (Microsoft Corporation)
MOD - D:\WinSplit Revolution\winsplithook.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DES2 Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (SBSDWSCService) -- D:\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (AAV UpdateService) -- D:\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (azvusb) -- C:\Windows\SysNative\drivers\azvusb.sys (AzureWave Technologies, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\mod7700.sys (DiBcom SA)
DRV:64bit: - (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (MODRC) -- C:\Windows\SysNative\drivers\modrc.sys (DiBcom S.A.)
DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\Razerlow.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (EverestDriver) -- D:\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D 7C 94 F1 3C C5 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.rememberthemilk.com/home/***/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {ba243cb0-b824-4a26-9418-73ee795d9b9d}:1.0.3
FF - prefs.js..extensions.enabledItems: brief@mozdev.org:1.2.5
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.8
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: twitternotifier@naan.net:1.9.6.7
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {258735dc-6743-4805-95fc-f95941fffdad}:1.3.6
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.1
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.33
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.1
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {8ea9957e-2953-402f-80e0-bceb5f169d6f}:0.5.3
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.6
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010.03.09 23:42:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\Mozilla Firefox\components [2010.09.17 20:45:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010.09.17 20:45:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: D:\Mozilla Thunderbird\components [2010.09.18 15:39:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: D:\Mozilla Thunderbird\plugins
[2010.01.04 23:21:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.04 23:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008.12.02 21:56:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2010.09.19 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions
[2010.03.27 21:03:56 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010.09.13 21:36:36 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009.12.07 23:44:08 | 000,000,000 | ---D | M] (MultiSidebar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{1c70e98e-bd0d-11db-8314-0800200c9a66}
[2010.03.10 23:34:55 | 000,000,000 | ---D | M] (Flash Game Maximizer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}
[2010.09.15 19:52:55 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009.12.07 23:44:13 | 000,000,000 | ---D | M] (Organize Status Bar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
[2010.01.28 20:51:10 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2010.03.17 16:57:41 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.04.06 18:53:33 | 000,000,000 | ---D | M] (Vyprázdnit vyrovnávacÃ* paměť) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
[2010.06.28 22:16:05 | 000,000,000 | ---D | M] (XHTML Mobile Profile) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}
[2010.02.11 23:02:40 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009.12.07 23:45:52 | 000,000,000 | ---D | M] (functions for keyconfig) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{9294da78-ac50-4658-a867-84b1275ed227}
[2010.06.28 22:16:05 | 000,000,000 | ---D | M] (Modify Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}
[2010.03.04 19:35:48 | 000,000,000 | ---D | M] (Bookmark Duplicate Detector) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{ba243cb0-b824-4a26-9418-73ee795d9b9d}
[2009.12.07 23:45:57 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.06.29 14:30:13 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.08.19 10:16:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.12.07 23:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
[2010.06.19 21:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.05.30 10:46:09 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.06.19 21:16:59 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2010.06.28 22:16:05 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2009.12.07 23:46:45 | 000,000,000 | ---D | M] (IE View Lite) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3}
[2009.12.20 17:16:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\brief@mozdev.org
[2010.01.12 17:16:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\fb_add_on@avm.de
[2010.05.19 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\firebug@software.joehewitt.com
[2009.12.07 23:42:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\firefox@tvunetworks.com
[2010.09.13 21:36:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\inspector@mozilla.org
[2010.04.07 10:46:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\isreaditlater@ideashower.com
[2009.12.07 23:42:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\keyconfig@dorando
[2009.12.15 19:15:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\pencil@evolus.vn
[2010.09.13 21:36:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\personas@christopher.beard
[2010.08.02 20:19:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\testpilot@labs.mozilla.com
[2010.09.13 21:36:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\twitternotifier@naan.net
[2010.03.04 19:35:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\yslow@yahoo-inc.com
[2010.09.13 21:40:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\zotero@chnm.gmu.edu
[2010.07.11 11:05:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\extensions\zoteroWinWordIntegration@zotero.org
[2010.07.19 20:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\ReadItLater\RIL_assets\bits.wikimedia.org\w\extensions
[2010.07.19 20:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\ReadItLater\RIL_assets\bits.wikimedia.org\w\extensions\UsabilityInitiative
[2010.07.19 20:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\ReadItLater\RIL_assets\de.wikipedia.org\w\extensions
[2010.07.19 20:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\w79kmjb7.default\ReadItLater\RIL_assets\de.wikipedia.org\w\extensions\FlaggedRevs
[2010.01.27 00:50:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions
[2009.12.08 00:00:14 | 000,000,000 | ---D | M] (Gantt View) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{1510928E-A4FA-43C2-A9AF-99E521B90BC5}
[2009.12.08 00:00:15 | 000,000,000 | ---D | M] (MinimizeToTray) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2009.12.08 00:00:15 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010.01.13 00:17:35 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2009.12.08 00:00:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{A79E82DD-9CE6-87C7-0006-87D0FD2FCD42}
[2009.12.08 00:00:17 | 000,000,000 | ---D | M] (Minimize To Tray Enhancer) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\k92qvuhh.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
[2010.09.06 11:43:25 | 000,001,693 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\acmdl.xml
[2010.09.06 11:43:25 | 000,002,572 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\amazon-de.xml
[2010.09.06 11:43:25 | 000,001,483 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\apple-developer-connection.xml
[2010.09.06 11:43:25 | 000,004,647 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\Chefkoch_de.xml
[2010.09.06 11:43:25 | 000,001,445 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\dictcc-ende.xml
[2010.09.06 11:43:25 | 000,001,123 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\dradio.xml
[2010.09.06 11:43:25 | 000,002,323 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\drupalorg-via-google.xml
[2008.05.27 00:55:10 | 000,001,198 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\ebay-de.xml
[2010.09.06 11:43:25 | 000,001,469 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\fh-augsburg.xml
[2010.09.06 11:43:25 | 000,001,177 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\geizhalsat-deutschland.xml
[2010.09.06 11:43:25 | 000,005,332 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\hsa-hochschule-augsburg.xml
[2008.12.22 02:50:27 | 000,000,999 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\IMDB_German.xml
[2010.09.06 11:43:25 | 000,001,973 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\mycroft-project.xml
[2010.09.06 11:43:25 | 000,000,977 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\php-manual.xml
[2010.09.06 11:43:25 | 000,002,259 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\twitter---people.xml
[2010.09.06 11:43:25 | 000,002,246 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\twitter-search.xml
[2010.09.06 11:43:25 | 000,001,238 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\w79kmjb7.default\searchplugins\wikipedia-english.xml
O1 HOSTS File: ([2010.09.15 15:44:43 | 000,419,653 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 14479 more lines...
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Diamondback] D:\Razer\Diamondback\Razer\Diamondback\razerhid.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] D:\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] D:\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [FileHippo.com] D:\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [FMCore.exe] C:\Program Files (x86)\Extensis\Suitcase Fusion 2\FMCore.exe (Extensis a division of Celartem, Inc.)
O4 - HKCU..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe (PCTV Systems S.à r.l.)
O4 - HKCU..\Run: [TVCenter.exe] D:\PCTV Systems\TVCenter\TVCenter.exe (PCTV Systems S.à r.l.)
O4 - HKCU..\Run: [Winsplit] D:\WinSplit Revolution\WinSplit.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = D:\stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{761aa68f-db97-11de-8e3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{761aa68f-db97-11de-8e3a-806e6f6e6963}\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: mfpmfo32 - (C:\Windows\system32\NETSexer.dll) - C:\Windows\SysWow64\NETSexer.dll File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.09.20 00:27:12 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live Safety Center
[2010.09.19 23:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
[2010.09.19 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Updates
[2010.09.17 20:44:01 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.09.17 20:44:00 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.09.17 20:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.09.17 20:31:01 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\SysWow64\ISUSPM.cpl
[2010.09.17 20:19:18 | 000,183,296 | ---- | C] (Oracle) -- C:\Windows\SysNative\javaws.exe
[2010.09.17 20:19:18 | 000,165,888 | ---- | C] (Oracle) -- C:\Windows\SysNative\javaw.exe
[2010.09.17 20:19:18 | 000,165,888 | ---- | C] (Oracle) -- C:\Windows\SysNative\java.exe
[2010.09.17 20:19:12 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.09.17 19:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.09.17 10:56:38 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.09.16 13:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.09.16 13:05:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\NPE
[2010.09.15 16:13:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.09.15 16:04:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.15 16:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.15 16:04:40 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.15 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.15 15:51:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.15 15:51:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.15 15:51:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.15 15:51:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.14 22:24:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.09.14 22:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.09.14 18:37:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.09.14 18:36:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Rockstar Games
[2010.09.14 18:35:29 | 000,000,000 | RH-D | C] -- C:\Users\***\AppData\Roaming\SecuROM
[2010.09.14 17:41:34 | 000,031,232 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2010.09.13 21:42:51 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.09.13 21:40:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.09.13 21:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.09.08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.09.08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010.08.26 12:29:25 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Top10_ByRadler_gpx
[2009.06.04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
========== Files - Modified Within 30 Days ==========
[2010.09.20 10:49:28 | 008,650,752 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.09.20 10:47:00 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.09.20 10:47:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.20 10:08:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2824996709-3619807592-4146439216-1005UA.job
[2010.09.20 09:27:40 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 09:27:40 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 09:20:57 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.09.20 09:20:34 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.09.20 09:20:26 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.20 09:20:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.20 09:20:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.20 09:20:08 | 3219,861,504 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.20 09:19:18 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-00291102}.rfx
[2010.09.20 09:19:18 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000000-00001102-00000005-00291102}.rfx
[2010.09.20 09:19:18 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000000-00001102-00000005-00291102}.rfx
[2010.09.20 09:19:10 | 000,984,327 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.09.19 22:02:14 | 103,351,067 | ---- | M] () -- C:\Users\***\Desktop\Windows6.1-KB947821-v7-x64.msu
[2010.09.18 17:29:39 | 000,012,446 | ---- | M] () -- C:\Users\***\Desktop\apple_studio_display_17clr.jpg
[2010.09.18 17:06:46 | 000,097,887 | ---- | M] () -- C:\Users\***\Desktop\g4.jpg
[2010.09.18 11:18:32 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.18 11:18:32 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.18 11:18:32 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.18 11:18:32 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.18 11:18:32 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.17 23:08:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2824996709-3619807592-4146439216-1005Core.job
[2010.09.17 21:54:24 | 002,339,668 | ---- | M] () -- C:\Users\***\Desktop\Kindle_User's_Guide_English.pdf
[2010.09.17 20:19:13 | 000,468,480 | ---- | M] (Oracle) -- C:\Windows\SysNative\deployJava1.dll
[2010.09.17 20:19:13 | 000,183,296 | ---- | M] (Oracle) -- C:\Windows\SysNative\javaws.exe
[2010.09.17 20:19:13 | 000,165,888 | ---- | M] (Oracle) -- C:\Windows\SysNative\javaw.exe
[2010.09.17 20:19:13 | 000,165,888 | ---- | M] (Oracle) -- C:\Windows\SysNative\java.exe
[2010.09.17 20:03:06 | 073,419,831 | ---- | M] () -- C:\Users\***\Desktop\WinFuture_7_x64_UpdatePack_1.06_September_2010-Vollversion.exe
[2010.09.17 15:19:37 | 000,866,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.17 12:14:08 | 000,000,600 | ---- | M] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010.09.17 10:47:03 | 000,105,744 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.16 22:50:07 | 000,003,422 | ---- | M] () -- C:\Windows\SysWow64\index.xml
[2010.09.15 16:04:48 | 000,000,573 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.15 15:44:43 | 000,419,653 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.09.15 15:37:43 | 000,000,633 | ---- | M] () -- C:\Users\***\Desktop\HijackThis.lnk
[2010.09.14 22:25:06 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.09.13 21:42:51 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.09.13 21:39:36 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2010.09.08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.09.08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010.08.27 12:18:12 | 000,000,600 | ---- | M] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2010.08.24 21:54:31 | 072,182,211 | ---- | M] () -- C:\Users\***\Desktop\20100819_Intro.mov
[2010.08.24 21:29:09 | 000,244,601 | ---- | M] () -- C:\Users\***\Desktop\boggel_testrendering_8_vergleich.jpg
[2010.08.23 15:29:09 | 000,245,015 | ---- | M] () -- C:\Users\***\Desktop\Gutschein-165-2435-VMPE7W.pdf
[2010.08.21 11:35:55 | 000,486,282 | ---- | M] () -- C:\Users\***\Desktop\_-2433379881432839937_Route-2-Radfernweg-D9.gpx
========== Files Created - No Company Name ==========
[2010.09.18 17:29:39 | 000,012,446 | ---- | C] () -- C:\Users\***\Desktop\apple_studio_display_17clr.jpg
[2010.09.18 17:06:42 | 000,097,887 | ---- | C] () -- C:\Users\***\Desktop\g4.jpg
[2010.09.17 21:54:16 | 002,339,668 | ---- | C] () -- C:\Users\***\Desktop\Kindle_User's_Guide_English.pdf
[2010.09.17 20:02:40 | 073,419,831 | ---- | C] () -- C:\Users\***\Desktop\WinFuture_7_x64_UpdatePack_1.06_September_2010-Vollversion.exe
[2010.09.17 19:43:06 | 103,351,067 | ---- | C] () -- C:\Users\***\Desktop\Windows6.1-KB947821-v7-x64.msu
[2010.09.15 16:04:48 | 000,000,573 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.15 15:37:43 | 000,000,633 | ---- | C] () -- C:\Users\***\Desktop\HijackThis.lnk
[2010.09.14 22:25:06 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.09.13 21:39:36 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2010.08.27 11:58:00 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2824996709-3619807592-4146439216-1005UA.job
[2010.08.27 11:57:59 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2824996709-3619807592-4146439216-1005Core.job
[2010.08.24 21:27:33 | 000,244,601 | ---- | C] () -- C:\Users\***\Desktop\boggel_testrendering_8_vergleich.jpg
[2010.08.24 21:27:29 | 072,182,211 | ---- | C] () -- C:\Users\***\Desktop\20100819_Intro.mov
[2010.08.23 15:29:08 | 000,245,015 | ---- | C] () -- C:\Users\***\Desktop\Gutschein-165-2435-VMPE7W.pdf
[2010.08.21 11:35:54 | 000,486,282 | ---- | C] () -- C:\Users\***\Desktop\_-2433379881432839937_Route-2-Radfernweg-D9.gpx
[2010.04.13 14:22:30 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.03.20 23:23:10 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.02.06 17:02:28 | 000,010,860 | ---- | C] () -- C:\Users\***\AppData\Roaming\UserTile.png
[2010.01.24 00:57:52 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2010.01.18 14:42:06 | 000,034,666 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.15 23:53:25 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2009.12.13 16:37:42 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009.12.12 12:34:24 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2009.12.11 23:38:06 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2009.12.06 23:49:32 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\zlibwapi.dll
[2009.12.01 00:41:14 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.12.01 00:41:14 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.12.01 00:40:42 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009.06.04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.06.04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2009.05.27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2007.09.06 02:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2007.08.23 18:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2007.08.23 18:50:04 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2007.08.23 18:50:04 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
< End of report >
| Zitat:
OTL Extras logfile created on: 20.09.2010 10:47:31 - Run 2
OTL by OldTimer - Version 3.2.14.0 Folder = C:\Users\***\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 14,46 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 37,48 Gb Free Space | 74,95% Space Free | Partition Type: NTFS
Drive E: | 50,01 Gb Total Space | 33,99 Gb Free Space | 67,95% Space Free | Partition Type: NTFS
Drive F: | 100,01 Gb Total Space | 40,83 Gb Free Space | 40,83% Space Free | Partition Type: NTFS
Drive G: | 100,01 Gb Total Space | 47,18 Gb Free Space | 47,18% Space Free | Partition Type: NTFS
Drive H: | 50,01 Gb Total Space | 16,07 Gb Free Space | 32,14% Space Free | Partition Type: NTFS
Drive I: | 400,00 Gb Total Space | 283,65 Gb Free Space | 70,91% Space Free | Partition Type: NTFS
Drive J: | 132,63 Gb Total Space | 64,12 Gb Free Space | 48,35% Space Free | Partition Type: NTFS
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{20140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 (Beta)
"{20140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 (Beta)
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36A415C2-7181-421D-92C9-8255766E0FF3}" = TortoiseSVN 1.6.10.19898 (64 bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{64A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20 (64-bit)
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{74C109E4-5290-15B5-084F-F8BAE32F452B}" = ATI AVIVO64 Codecs
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{E29B2B35-C365-4C9A-8C5C-224E3B9A9ED1}" = TVCenter
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 (Beta)
"{20140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 (Beta)
"{20140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 (Beta)
"{20140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 (Beta)
"{20140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 (Beta)
"{20140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 (Beta)
"{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 (Beta)
"{20140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 (Beta)
"{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta)
"{20140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 (Beta)
"{20140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 (Beta)
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis*Disk Director Suite
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{257C7A78-535E-1450-C720-AE353876C816}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{42CC5790-8526-4A73-A26C-60ED8A419803}" = Deutsche Post E-Porto
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59152D0E-DDFE-4769-A746-776457091048}" = Outlook 2007 HTML and CSS Validator
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A94EFA5E-3595-404D-B279-75C93C141D9B}" = DistanTV Client
"{AAFADD10-282B-4FD4-B461-25DF3286450E}" = Adobe Setup
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD432910-9459-46DA-9DE8-ABC142AE8E73}" = Adobe Creative Suite 3 Master Collection
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBBDA721-8885-42CE-A16C-8BEE27D37EB3}" = AAVUpdateManager
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C624403E-B51C-3A8E-570E-6FF2216EDFEE}" = HydraVision
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}" = Razer Diamondback
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F1CB76D8-ABF5-492F-8435-8239B228A2AE}" = Steuer-Spar-Erklärung Selbstständige 2010
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB8BD91F-DC90-4770-AE33-8AA6AA2E691B}" = Extensis Suitcase Fusion 2
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABC" = ABC (remove only)
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.4 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_824" = Adobe Acrobat 8.2.4 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_b8d47b526dcac7b06fa9efb844abcb5" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"ALchemy" = Creative ALchemy
"AllSync_is1" = AllSync 3.4.56
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AudioCS" = Creative Audio-Systemsteuerung
"Biet-O-Matic v2.12.6" = Biet-O-Matic v2.12.6
"CCleaner" = CCleaner
"CollabNet Automatic Update" = CollabNet Automatic Update 1.2
"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.11
"Console Launcher" = Creative Konsole Starter
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Creative Volume Panel" = Lautstärkefenster
"Defraggler" = Defraggler
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FileHippo.com" = FileHippo.com Update Checker
"HD Tune Pro_is1" = HD Tune Pro 3.50
"HijackThis" = HijackThis 2.0.2
"IETester" = IETester v0.4.4 (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Standard)
"LastFM_is1" = Last.fm 1.5.4.24567
"Launchy_21344213_is1" = Launchy 2.1.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Miranda IM" = Miranda IM 0.8.22
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Secunia PSI" = Secunia PSI
"Songbird-release-1146" = Songbird 1.2.0 (Build 1146)
"Steam App 220" = Half-Life 2
"Steam App 7670" = BioShock
"VLC media player" = VLC media player 1.0.5
"VP Suite 4.2" = VP Suite 4.2
"VTV digital_is1" = VTV digital 06
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
"WinSplit Revolution" = WinSplit Revolution (v9.02)
"XMind" = XMind
"XnView_is1" = XnView 1.97.6
"ZhornStickies" = Stickies 7.0b
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
Schonmal vielen Dank für jede Hilfe!
|
20.09.2010, 10:01
Linear-Darstellung
