| |
| |||||||
Log-Analyse und Auswertung: Mehrere Trojaner und Sonstiges im RecyclerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.03.2011, 20:09
| #1 |
| |  Mehrere Trojaner und Sonstiges im Recycler Hallo zusammen, hab heute ne supertolle Trojaner&Co-Kombi in meinen Recyclern gehabt - konnte alle mit Avira löschen. Danach erneuter Scan mit Avira und MBAM - kein Fund. Aber irgendwie ist mir noch ziemlich unwohl - kann sich bitte einer mal meine Logs ansehen? OTL: Code:
ATTFilter OTL logfile created on: 25.03.2011 19:32:12 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 78,03 Gb Total Space | 19,68 Gb Free Space | 25,23% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 129,34 Gb Free Space | 66,22% Space Free | Partition Type: NTFS Drive E: | 192,31 Gb Total Space | 90,18 Gb Free Space | 46,89% Space Free | Partition Type: NTFS Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH) PRC - C:\Program Files (x86)\PureSync\PureSyncTray.exe (Jumping Bytes) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Users\***\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe () PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe () PRC - C:\Program Files (x86)\East-Tec Eraser 2010\etRiskMon.exe (EAST Technologies) PRC - C:\Program Files (x86)\Winamp\winampa.exe () PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.) DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector) DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation) DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation) DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation) DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.) DRV:64bit: - (UGURU) -- C:\Windows\SysNative\drivers\uGuru.sys (ABIT) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5A 9C 01 94 1A C5 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files (x86)\Fiddler2\FiddlerHook [2010.03.16 15:56:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 00:18:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.25 08:30:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.03.05 19:36:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.02.23 19:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.02.23 19:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.01.19 10:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com [2011.03.25 09:02:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions [2011.01.26 11:36:05 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010.04.05 22:38:05 | 000,000,000 | ---D | M] (Vyprázdnit vyrovnávacÃ* paměť) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{563e4790-7e70-11da-a72b-0800200c9a66} [2011.03.23 07:53:18 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2011.03.23 07:53:18 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2010.10.05 14:59:13 | 000,000,000 | ---D | M] (Google Analytics Opt-out Browser Add-on) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65} [2009.10.31 18:58:34 | 000,000,000 | ---D | M] ("lori (Life-of-request info)") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{6dfc4f52-26f0-4e5f-89c7-31d6de480db9} [2011.03.11 08:59:44 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.11.18 12:56:03 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2011.03.18 09:58:44 | 000,000,000 | ---D | M] (CookieSafe) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD} [2011.03.23 07:53:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.01.26 11:36:35 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011.01.26 11:36:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.03.03 15:15:31 | 000,000,000 | ---D | M] (Extended Statusbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d} [2011.03.14 15:58:11 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2011.01.30 03:35:38 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\fastYoutubeDownloader@yevgenyandrov.net [2011.03.03 15:15:37 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\0elrfldo.default\extensions\firebug@software.joehewitt.com [2011.03.07 14:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.05.18 06:57:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.27 08:23:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.25 08:04:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.06 17:22:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.03.07 14:32:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.13 22:15:02 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.13 22:15:02 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.13 22:15:02 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.13 22:15:02 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.13 22:15:02 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe () O4 - HKCU..\Run: [ABIT uGuruIII] C:\Program Files (x86)\U-ABIT\uGuru\uGuru.exe (abit Computer Corporation) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd) O4 - HKCU..\Run: [Eraser RiskMonitor] C:\Program Files (x86)\East-Tec Eraser 2010\Launch.exe () O4 - HKCU..\Run: [PureSync] C:\Program Files (x86)\PureSync\PureSyncTray.exe (Jumping Bytes) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence) O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Vertrauenswürdige Sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{6217b6b2-2a3b-11df-8a5e-00508db62f41}\Shell - "" = AutoRun O33 - MountPoints2\{6217b6b2-2a3b-11df-8a5e-00508db62f41}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{6217b6b2-2a3b-11df-8a5e-00508db62f41}\Shell\readit\command - "" = notepad readme.doc O33 - MountPoints2\{63531cb4-c26a-11de-a5ea-00508db62f41}\Shell - "" = AutoRun O33 - MountPoints2\{63531cb4-c26a-11de-a5ea-00508db62f41}\Shell\AutoRun\command - "" = F:\start.exe O33 - MountPoints2\{784c1862-00ac-11d6-a2b7-00221589f0c0}\Shell - "" = AutoRun O33 - MountPoints2\{784c1862-00ac-11d6-a2b7-00221589f0c0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{784c1864-00ac-11d6-a2b7-00221589f0c0}\Shell - "" = AutoRun O33 - MountPoints2\{784c1864-00ac-11d6-a2b7-00221589f0c0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{870ca3ca-cbc8-11de-a6d3-00508db62f41}\Shell - "" = AutoRun O33 - MountPoints2\{870ca3ca-cbc8-11de-a6d3-00508db62f41}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{870ca3ca-cbc8-11de-a6d3-00508db62f41}\Shell\readit\command - "" = notepad readme.doc O33 - MountPoints2\{9c18263b-f45e-11de-90c7-00508db62f41}\Shell - "" = AutoRun O33 - MountPoints2\{9c18263b-f45e-11de-90c7-00508db62f41}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{ec35086f-009d-11d6-b919-f5dcbdbe7440}\Shell - "" = AutoRun O33 - MountPoints2\{ec35086f-009d-11d6-b919-f5dcbdbe7440}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{ec350876-009d-11d6-b919-f5dcbdbe7440}\Shell - "" = AutoRun O33 - MountPoints2\{ec350876-009d-11d6-b919-f5dcbdbe7440}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f1fffbd1-00a1-11d6-aa59-00221589f0c0}\Shell - "" = AutoRun O33 - MountPoints2\{f1fffbd1-00a1-11d6-aa59-00221589f0c0}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f1fffbd3-00a1-11d6-aa59-00221589f0c0}\Shell - "" = AutoRun O33 - MountPoints2\{f1fffbd3-00a1-11d6-aa59-00221589f0c0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 180 Days ========== [2011.03.25 11:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.03.25 11:39:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com [2011.03.25 11:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE [2011.03.25 11:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\SUPERAntiSpyware [2011.03.25 11:38:55 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2011.03.25 09:55:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.03.25 08:30:25 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll [2011.03.18 19:22:46 | 000,000,000 | ---D | C] -- C:\Programme\Recuva [2011.03.18 19:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\PC Inspector File Recovery [2011.03.18 19:19:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Inspector File Recovery [2011.03.16 19:48:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.03.16 19:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Malwarebytes' Anti-Malware [2011.03.15 08:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Microsoft Office [2011.03.15 08:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync [2011.03.15 08:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.03.15 08:45:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.03.09 09:27:42 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.03.09 09:27:41 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.03.09 09:27:41 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.03.09 09:27:41 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.03.09 09:27:40 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.03.09 09:27:40 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.03.09 09:27:40 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.03.09 09:27:39 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2011.03.09 09:27:39 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2011.03.09 09:27:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.03.09 09:27:39 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.03.09 09:27:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.03.09 09:27:37 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2011.03.09 09:27:37 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2011.03.09 09:27:37 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2011.03.09 09:27:37 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2011.03.07 14:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.03.07 14:32:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.03.07 14:32:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.03.07 14:32:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.03.05 12:17:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc [2011.03.05 12:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\VideoLAN [2011.03.03 10:48:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Jumping Bytes [2011.03.03 10:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\PureSync [2011.03.03 10:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PureSync [2011.03.03 10:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Jumping Bytes [2011.03.01 00:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PostgreSQL [2011.03.01 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\PokerTracker 3 [2011.02.28 12:54:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Luxology [2011.02.28 12:52:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\MAXON [2011.02.26 18:17:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\100NIKON [2011.02.23 19:42:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.02.23 19:42:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Thunderbird [2011.02.23 19:42:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2011.02.23 08:00:41 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.02.23 08:00:41 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.02.23 08:00:41 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.02.23 08:00:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.02.19 16:32:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\dd 19.02.2011 [2011.02.16 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Zattoo [2011.02.16 21:16:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2011.02.16 21:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Zattoo4 [2011.02.16 21:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4 [2011.02.13 18:07:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\BlastFM.ch - dub it up - by smartdynamic.ch [2011.02.10 07:52:51 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.02.10 07:52:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.02.10 07:52:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.02.10 07:52:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.02.10 07:52:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.02.10 07:52:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.02.10 07:52:50 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.02.10 07:52:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.02.10 07:52:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.02.10 07:52:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.02.10 07:52:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.02.10 07:52:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.02.10 07:52:32 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll [2011.02.10 07:52:32 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll [2011.02.10 07:52:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2011.02.10 07:52:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll [2011.02.10 07:52:30 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll [2011.02.10 07:52:30 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll [2011.02.10 07:52:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2011.02.10 07:52:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll [2011.02.10 07:52:28 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.02.10 07:52:27 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.02.10 07:52:26 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.02.10 07:52:25 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.02.10 07:52:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.02.10 07:52:25 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.02.10 07:52:23 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.02.10 07:52:23 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.02.10 07:52:23 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2011.02.10 07:52:22 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.02.10 07:52:22 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.02.10 07:52:21 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.02.10 07:52:21 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.02.10 07:52:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.02.04 12:59:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\yWorks [2011.01.18 12:20:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\XMLmind [2011.01.18 12:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\XMLmind XML Editor [2011.01.18 12:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XMLmind_XML_Editor [2011.01.12 09:20:37 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011.01.12 09:20:37 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011.01.12 09:20:36 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.01.12 09:20:36 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.01.12 09:20:36 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.01.12 09:20:35 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011.01.12 09:20:35 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.01.12 09:20:35 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011.01.12 09:20:35 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011.01.12 09:20:35 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.01.12 09:20:35 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011.01.12 09:20:35 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011.01.12 09:20:35 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.01.12 09:20:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.01.12 09:20:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.01.12 09:20:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011.01.12 09:20:34 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.01.12 09:20:31 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.01.12 09:20:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.01.06 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IETester [2011.01.06 17:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Core Services [2011.01.06 13:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2011.01.06 13:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd [2011.01.06 13:27:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Leadertech [2011.01.06 13:27:28 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2011.01.06 13:27:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd [2011.01.06 13:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Logitech [2011.01.06 13:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2011.01.06 13:26:53 | 000,000,000 | ---D | C] -- C:\Programme\Logitech [2011.01.06 13:26:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LogiShrd [2011.01.06 13:26:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Logitech [2011.01.06 13:26:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Logishrd [2011.01.05 19:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Rechnungsverwaltung [2011.01.05 19:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Olympsoft [2011.01.05 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GetRightToGo [2011.01.04 17:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Skype [2011.01.04 17:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.12.16 13:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\CCleaner [2010.12.16 13:28:50 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.12.15 11:45:53 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010.12.15 11:45:53 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010.12.15 11:45:53 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010.12.15 11:45:53 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010.12.15 11:45:53 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010.12.15 11:45:53 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010.12.15 11:45:53 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010.12.15 11:45:53 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010.12.15 11:45:43 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010.12.15 11:45:43 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010.12.15 11:45:43 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010.12.15 11:45:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.12.15 11:45:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.12.14 13:00:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Frameworkx.com [2010.12.14 12:57:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frameworkx [2010.12.14 12:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Frameworkx [2010.12.10 13:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.12.10 13:35:22 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2010.12.09 12:05:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\PC-FAX TX [2010.12.08 12:43:26 | 000,000,000 | ---D | C] -- C:\Downloads [2010.12.08 03:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Active@ UNERASER Demo [2010.12.08 03:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Active Data Recovery Software [2010.12.07 23:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Convar [2010.12.06 10:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\PuTTY [2010.12.06 10:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PuTTY [2010.11.25 19:45:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TikGames [2010.11.25 19:44:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Zylom [2010.11.25 19:44:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Zylom Games [2010.11.25 19:37:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx [2010.11.18 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Help [2010.11.18 23:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2010.11.10 20:27:13 | 000,000,000 | ---D | C] -- C:\CadiaFakturaFreeware [2010.11.10 19:58:09 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\ProSaldo [2010.11.10 19:57:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ProSaldo [2010.11.03 21:50:28 | 001,580,368 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\LogiLDA.DLL [2010.10.30 15:52:53 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework [2010.10.28 10:43:22 | 000,611,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2010.10.28 10:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010.10.28 10:43:19 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010.10.28 10:41:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics [2010.10.27 12:13:26 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010.10.27 12:13:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010.10.27 12:13:26 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010.10.27 12:13:20 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2010.10.20 16:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\AV Bros. Page Curl Pro 2.0 [2010.10.19 13:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal SQL Editor [2010.10.19 13:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Database Viewer-Editor [2010.10.19 13:02:24 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Visual Studio 2008 [2010.10.18 19:59:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Moyea [2010.10.18 19:59:19 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Leawo [2010.10.18 19:59:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Leawo [2010.10.18 19:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\K-Lite Codec Pack [2010.10.18 19:59:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2010.10.18 19:58:48 | 000,606,208 | ---- | C] (hxxp://www.xvid.org) -- C:\Windows\SysWow64\xvidcore.dll [2010.10.18 19:58:48 | 000,139,264 | ---- | C] (hxxp://www.xvid.org) -- C:\Windows\SysWow64\xvid.ax [2010.10.18 19:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Moyea [2010.10.18 19:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Moyea [2010.10.18 19:46:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2010.10.18 19:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Riva [2010.10.18 19:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Riva [2010.10.14 19:46:58 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2010.10.14 19:46:58 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2010.10.14 19:46:57 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2010.10.14 19:46:50 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2010.10.14 19:46:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2010.10.14 19:46:42 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2010.10.14 19:46:42 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2010.10.14 19:46:41 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2010.10.14 19:46:41 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2010.10.14 19:46:12 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2010.10.14 19:46:11 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2010.10.14 19:46:10 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2010.10.14 19:46:09 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2010.10.14 19:45:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2010.10.14 10:03:42 | 000,000,000 | ---D | C] -- C:\_AcroTemp [2010.10.08 14:11:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\skypePM [2010.10.08 14:07:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Skype [2010.10.08 14:07:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.10.08 14:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.10.05 19:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies [2010.10.05 19:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Active@ ISO Burner ========== Files - Modified Within 180 Days ========== [2011.03.25 19:23:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-681877900-919319930-2659170955-1000UA.job [2011.03.25 17:12:32 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 17:12:32 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 17:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.25 17:05:00 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2011.03.25 14:39:39 | 000,249,477 | ---- | M] () -- C:\Users\***\Desktop\anleitung_web.pdf [2011.03.25 14:37:36 | 003,466,217 | ---- | M] () -- C:\Users\***\Desktop\anleitung.pdf [2011.03.25 12:23:03 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-681877900-919319930-2659170955-1000Core.job [2011.03.25 11:44:33 | 001,612,698 | ---- | M] () -- C:\Users\***\Desktop\ts.pdf [2011.03.25 11:38:57 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.03.25 09:13:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.03.25 08:26:33 | 003,596,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.03.24 15:14:34 | 001,492,188 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.03.24 15:14:34 | 000,653,648 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.03.24 15:14:34 | 000,614,500 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.03.24 15:14:34 | 000,129,448 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.03.24 15:14:34 | 000,105,742 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.03.18 19:22:47 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk [2011.03.18 19:19:04 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk [2011.03.16 19:48:53 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.15 08:46:06 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI [2011.03.14 12:58:59 | 000,019,456 | ---- | M] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2011.03.01 00:01:15 | 000,004,997 | ---- | M] () -- C:\ProgramData\bltofzsb.qlf [2011.02.28 12:54:08 | 000,000,541 | ---- | M] () -- C:\Users\***\.lmmsrc.xml [2011.02.19 07:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.02.19 07:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.02.19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.02.19 06:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.02.16 21:16:24 | 000,001,828 | ---- | M] () -- C:\Users\***\Desktop\Zattoo.lnk [2011.02.11 18:10:30 | 000,000,920 | ---- | M] () -- C:\Users\***\Desktop\Dropbox.lnk [2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.01.26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.01.26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.01.12 11:33:49 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2011.01.07 09:07:24 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.01.07 09:07:24 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.01.07 09:06:50 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.01.07 08:31:10 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.01.07 08:31:10 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.01.07 08:27:11 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.01.07 06:49:20 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.01.07 06:33:11 | 000,294,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.01.05 19:36:13 | 000,001,131 | ---- | M] () -- C:\Users\***\Desktop\Rechnungsverwaltung.lnk [2011.01.05 11:55:24 | 000,868,123 | ---- | M] () -- C:\Users\***\Desktop\microsite-doku.pdf [2011.01.05 07:20:30 | 000,612,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.01.05 07:16:55 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.01.05 06:34:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2010.12.23 07:07:50 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2010.12.23 07:07:49 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010.12.23 07:07:49 | 000,723,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2010.12.23 07:02:33 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2010.12.23 06:28:29 | 000,850,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2010.12.23 06:28:28 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010.12.23 06:28:28 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2010.12.23 06:24:02 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2010.12.21 07:16:27 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll [2010.12.21 07:16:16 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2010.12.21 07:15:55 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll [2010.12.21 07:15:31 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2010.12.21 07:10:22 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2010.12.21 06:38:24 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll [2010.12.21 06:38:19 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll [2010.12.21 06:38:16 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll [2010.12.21 06:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.12.18 07:12:28 | 003,138,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2010.12.18 07:12:18 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010.12.18 07:12:14 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.12.18 07:11:41 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010.12.18 07:11:16 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.12.18 07:08:15 | 001,097,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2010.12.18 07:08:11 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.12.18 06:30:20 | 002,690,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2010.12.18 06:30:10 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010.12.18 06:30:07 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.12.18 06:29:40 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010.12.18 06:29:18 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.12.18 06:26:55 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2010.12.18 06:26:52 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.12.18 05:55:03 | 000,482,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010.12.18 05:20:55 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010.12.16 13:28:51 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010.12.14 12:57:53 | 000,003,095 | ---- | M] () -- C:\Users\***\Desktop\Shortcut Manager.lnk [2010.12.14 12:39:45 | 000,001,484 | ---- | M] () -- C:\Users\***\Desktop\Downs.lnk [2010.12.09 12:05:41 | 000,000,808 | ---- | M] () -- C:\Windows\Brpfx04a.ini [2010.12.09 11:17:27 | 000,000,637 | ---- | M] () -- C:\Users\***\Desktop\Work.lnk [2010.12.09 01:22:30 | 000,000,466 | ---- | M] () -- C:\Users\***\Desktop\Zeug.lnk [2010.12.09 01:22:27 | 000,000,466 | ---- | M] () -- C:\Users\***\Desktop\Data.lnk [2010.12.09 00:29:00 | 000,001,062 | ---- | M] () -- C:\Users\***\Desktop\EVEREST Home Edition.lnk [2010.12.06 11:12:47 | 000,000,600 | ---- | M] () -- C:\Users\***\AppData\Local\PUTTY.RND [2010.11.25 19:36:26 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat [2010.11.22 12:51:16 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.11.04 07:31:15 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.11.04 06:48:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.11.03 21:50:28 | 001,580,368 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\LogiLDA.DLL [2010.11.02 06:18:59 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2010.11.02 06:18:17 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010.11.02 06:17:38 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010.11.02 06:17:38 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010.11.02 06:12:08 | 001,837,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2010.11.02 06:12:07 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2010.11.02 06:12:06 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2010.11.02 06:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010.11.02 06:10:32 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010.11.02 05:41:36 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2010.11.02 05:40:36 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010.11.02 05:40:36 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010.11.02 05:35:35 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2010.11.02 05:35:34 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2010.11.02 05:35:34 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2010.11.02 05:34:33 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010.10.30 14:28:57 | 001,003,520 | ---- | M] () -- C:\Users\***\AppData\Local\filesync.metadata [2010.10.29 07:58:47 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2010.10.27 06:18:36 | 005,510,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010.10.27 06:16:01 | 001,739,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2010.10.27 05:43:38 | 003,901,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2010.10.27 05:43:37 | 003,957,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2010.10.19 14:00:06 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe [2010.10.19 14:00:05 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE [2010.10.18 19:58:48 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\Moyea Video4Web Converter.lnk [2010.10.16 06:23:13 | 000,112,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010.10.16 06:19:41 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010.10.16 06:17:44 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2010.10.16 05:36:10 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010.10.16 05:34:37 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2010.10.08 14:11:02 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.10.05 19:44:45 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2010.09.29 11:55:05 | 000,346,890 | ---- | M] () -- C:\Users\***\Documents\backup-2010-09-28_11-30-38.sql ========== Files Created - No Company Name ========== [2011.03.25 11:38:57 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.03.18 19:22:47 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk [2011.03.18 19:19:05 | 000,006,200 | ---- | C] () -- C:\Windows\SysWow64\INT13EXT.VXD [2011.03.18 19:19:04 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk [2011.03.16 19:48:53 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.01 14:55:58 | 000,001,598 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online Poker Bot.lnk [2011.03.01 00:01:15 | 000,004,997 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf [2011.02.28 12:54:08 | 000,000,541 | ---- | C] () -- C:\Users\***\.lmmsrc.xml [2011.02.16 21:16:27 | 000,019,456 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2011.02.16 21:16:24 | 000,001,828 | ---- | C] () -- C:\Users\***\Desktop\Zattoo.lnk [2011.02.11 18:10:32 | 000,000,920 | ---- | C] () -- C:\Users\***\Desktop\Dropbox.lnk [2011.02.03 20:49:43 | 000,001,801 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2011.01.05 19:36:13 | 000,001,131 | ---- | C] () -- C:\Users\***\Desktop\Rechnungsverwaltung.lnk [2011.01.05 11:55:12 | 000,868,123 | ---- | C] () -- C:\Users\***\Desktop\microsite-doku.pdf [2010.12.16 13:28:51 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010.12.14 12:57:53 | 000,003,095 | ---- | C] () -- C:\Users\***\Desktop\Shortcut Manager.lnk [2010.12.14 12:38:56 | 000,001,484 | ---- | C] () -- C:\Users\***\Desktop\Downs.lnk [2010.12.09 11:17:29 | 000,000,637 | ---- | C] () -- C:\Users\***\Desktop\Work.lnk [2010.12.09 01:22:30 | 000,000,466 | ---- | C] () -- C:\Users\***\Desktop\Zeug.lnk [2010.12.09 01:22:27 | 000,000,466 | ---- | C] () -- C:\Users\***\Desktop\Data.lnk [2010.12.06 10:07:23 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND [2010.11.25 19:36:26 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2010.10.18 19:59:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010.10.18 19:58:48 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\Moyea Video4Web Converter.lnk [2010.10.08 14:11:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.03 15:00:16 | 001,591,958 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.03.28 14:11:04 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.03.16 03:13:42 | 000,007,599 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2010.02.13 10:22:18 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\msnscmoad.dll [2010.01.19 14:23:34 | 001,003,520 | ---- | C] () -- C:\Users\***\AppData\Local\filesync.metadata [2010.01.01 20:36:57 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2010.01.01 20:36:57 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2010.01.01 20:36:57 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2009.10.28 19:35:09 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009.10.28 19:35:08 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7840W.DAT [2009.10.28 19:28:25 | 000,000,808 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2009.10.28 19:28:25 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2009.10.28 19:22:38 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2009.10.28 19:22:38 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2009.10.28 19:22:36 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2009.10.28 19:22:35 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2009.10.28 19:22:33 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2009.10.27 18:34:16 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.11.30 15:35:37 | 000,009,849 | ---- | C] () -- C:\Windows\SysWow64\mswsnmoae.dll [2005.07.12 14:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL [2004.03.23 16:38:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD.dll [2003.03.14 12:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ZyDelReg.exe [2003.01.07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:8927A071 @Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:C97C8631 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:ECF54A0E < End of report > Code:
ATTFilter OTL Extras logfile created on: 25.03.2011 19:32:12 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,03 Gb Total Space | 19,68 Gb Free Space | 25,23% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 129,34 Gb Free Space | 66,22% Space Free | Partition Type: NTFS
Drive E: | 192,31 Gb Total Space | 90,18 Gb Free Space | 46,89% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
"sp6" = Logitech SetPoint 6.20
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1DDB66EE-7EDB-83A6-669E-DA98666DE200}" = Fireworks-AutoBackup
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25C571B2-2451-5B3C-726A-9EE6960B1586}" = emCalculator
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = MFC-7840W
"{47609E69-4C5E-48B1-A889-24C6B82B5C04}" = Vista Shortcut Manager
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6E637484-7ED6-4AA5-BEDC-FD821F64D372}_is1" = Moyea Video4Web Converter Version 3.0.0.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_943" = Adobe Acrobat 9.4.3 - CPSID_83708
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFDFC350-C142-4790-BE12-8357AECD028F}" = SyncToy 2.0 (x86)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE0D148-D6FD-4F2A-A631-748DC7727613}" = Universal SQL Editor 1.2.5
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB7D6F0D-B5BB-4E69-83BA-E238178C08A9}" = ODF Add-in für Microsoft Excel
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2BAD936-F6FB-482F-9012-F3E089CA1F53}" = PureSync
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF8500E6-EA0D-11D7-8755-0080C8F92A32}" = abti uGuru
"Active@ UNERASER Demo" = Active@ UNERASER Demo
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Avira AntiVir Desktop" = Avira AntiVir Premium
"Box Shot 3D" = Box Shot 3D
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.webcreate.open.emCalculator.D332A7B670A68A217C34D45EFF4A55029236AF6A.1" = emCalculator
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"East-Tec Eraser 2010_is1" = East-Tec Eraser 2010 Version 9.9
"ElsterFormular 11.5.1.4843" = ElsterFormular
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fiddler2" = Fiddler2
"FileZilla Client" = FileZilla Client 3.2.4.1
"Fireworks-AutoBackup.5CF6F99B1CB29F052B0CE9E8F0A7D569474F8AC2.1" = Fireworks-AutoBackup
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"HijackThis" = HijackThis 2.0.2
"Hugin_release_is1" = Hugin 2009.4.0
"IETester" = IETester v0.4.8 (remove only)
"InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"IsoBuster_is1" = IsoBuster 2.6
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Miranda IM" = Miranda IM 0.8.9
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"Opera 11.01.1190" = Opera 11.01
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PureSync" = PureSync 2.8.5
"PuTTY_is1" = PuTTY version 0.60
"Rechnungsverwaltung_is1" = Rechnungsverwaltung 1.1.3
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"SpeedFan" = SpeedFan (remove only)
"Streamripper" = Streamripper (Remove only)
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"Unlocker" = Unlocker 1.8.9
"VLC media player" = VLC media player 1.1.7
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"XMLmind XML Editor_is1" = XMLmind XML Editor Personal Edition 4.6.0 (2010-05-31)
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"yEd Graph Editor" = yEd Graph Editor
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.03.2011 03:24:16 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 24.03.2011 03:24:59 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 24.03.2011 03:25:04 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 25.03.2011 06:26:42 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 11.0.8328.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10bc Startzeit:
01cbead68775881e Endzeit: 14 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
Berichts-ID:
58212c27-56ca-11e0-8a20-00508db62f41
Error - 25.03.2011 06:49:35 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 25.03.2011 06:49:35 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 25.03.2011 06:49:37 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 25.03.2011 08:21:25 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 25.03.2011 08:22:29 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 25.03.2011 08:22:36 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
[ System Events ]
Error - 25.03.2011 12:05:16 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 12:05:28 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 12:05:29 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:25:43 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:25:43 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:59:19 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:59:19 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:59:19 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:59:20 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 25.03.2011 13:59:22 | Computer Name = *** | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
< End of report >
|
| Themen zu Mehrere Trojaner und Sonstiges im Recycler |
| 0x00000001, alternate, analytics, antivir, avgntflt.sys, avira, bho, browser, c:\windows\system32\rundll32.exe, data recovery, downloader, eraser, error, excel, firefox, flash player, google, google analytics, google chrome, hijack, hijackthis, home, hängen, install.exe, langs, location, locker, logfile, mozilla thunderbird, oldtimer, otl.exe, pixel, plug-in, programdata, realtek, recycle, registry, richtlinie, safer networking, saver, scan, sched.exe, searchplugins, security, server, shell32.dll, shortcut, software, sptd.sys, start menu, studio, super, syswow64, total commander, trojaner, user agent, visual studio, webcheck, windows, windows xp, youtube downloader |
Baum-Darstellung