kreshnik | 16.12.2009 17:00

OTL logfile:
Code:
OTL logfile created on: 16.12.2009 16:54:07 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,44 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 67,07% Memory free
4,00 Gb Paging File | 3,86 Gb Available in Paging File | 96,44% Paging File free
Paging file location(s): C:\pagefile.sys 3022 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,05 Gb Total Space | 121,37 Gb Free Space | 81,43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SHUKRI
Current User Name: Shukri Bajgora
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\TeamViewer\Version4\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)
PRC - C:\WINDOWS\Domino.EXE (Vimicro)
PRC - C:\WINDOWS\VMSnap5.EXE (Vimicro)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\VTTrayp.exe (S3 Graphics Co., Ltd.)
PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\TeamViewer\Version4\TV.dll (TeamViewer GmbH)
MOD - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (avg8emc) -- C:\Programme\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8) -- C:\Programme\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Programme\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (TeamViewer4) -- C:\Programme\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (usnjsvc) -- C:\Programme\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Programme\Windows Live\installer\WLSetupSvc.exe ()
SRV - (ANIWZCSdService) -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)
SRV - (UleadBurningHelper) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Driver Services (SafeList) ==========
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (ZSMC0305) Vimicro USB PC Camera (VC0305) -- C:\WINDOWS\system32\drivers\usbVM305.sys (Vimicro Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (viagfx) -- C:\WINDOWS\system32\drivers\vtmini.sys (Copyright (C) VIA/S3 Graphics Co, Ltd.)
DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ROOTMODEM) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programme\AVG\AVG8\Firefox [2009.06.17 09:00:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Programme\Mozilla Firefox\components [2009.11.22 17:37:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2009.11.22 17:37:58 | 00,000,000 | ---D | M]
[2009.11.22 17:35:40 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Mozilla\Extensions
[2009.12.15 20:26:48 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Mozilla\Firefox\Profiles\guqxbs4i.default\extensions
[2009.11.06 19:56:24 | 00,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Mozilla\Firefox\Profiles\guqxbs4i.default\searchplugins\bing.xml
[2009.11.22 17:35:42 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.03.04 19:16:08 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007.11.20 16:52:00 | 02,884,992 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll
[2009.11.22 17:37:53 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.11.22 17:37:53 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.11.22 17:37:53 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.11.22 17:37:53 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.11.22 17:37:53 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: (820 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [AVG8_TRAY] C:\Programme\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.EXE (Vimicro)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VMSnap5] C:\WINDOWS\VMSnap5.EXE (Vimicro)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204655321579 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.16 01:44:05 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.12.15 23:11:01 | 00,000,053 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{9f4d0f56-cc74-11de-831d-0016ece2e5b3}\Shell\AutoRun\command - "" = E:\v1cbvsmq.exe -- File not found
O33 - MountPoints2\{9f4d0f56-cc74-11de-831d-0016ece2e5b3}\Shell\open\Command - "" = E:\v1cbvsmq.exe -- File not found
O33 - MountPoints2\{a66a13fc-b053-11de-82ce-0016ece2e5b3}\Shell\AutoRun\command - "" = E:\sp1jensi.exe -- File not found
O33 - MountPoints2\{a66a13fc-b053-11de-82ce-0016ece2e5b3}\Shell\open\Command - "" = E:\sp1jensi.exe -- File not found
O33 - MountPoints2\{ac382dd4-dc48-11de-8341-0016ece2e5b3}\Shell\AutoRun\command - "" = E:\q3kku.exe -- File not found
O33 - MountPoints2\{ac382dd4-dc48-11de-8341-0016ece2e5b3}\Shell\open\Command - "" = E:\q3kku.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009.12.16 16:53:13 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\OTL.exe
[2009.12.16 16:11:03 | 00,000,000 | ---D | C] -- C:\Avenger
[2009.12.15 23:12:34 | 00,000,000 | ---D | C] -- C:\Programme\trend micro
[2009.12.15 23:12:33 | 00,000,000 | ---D | C] -- C:\rsit
[2009.12.15 21:53:40 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Malwarebytes
[2009.12.15 21:53:34 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.15 21:53:32 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.15 21:53:32 | 00,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2009.12.15 21:53:32 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2009.12.15 21:48:38 | 00,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Recent
[2009.12.15 21:42:59 | 00,000,000 | ---D | C] -- C:\Programme\CCleaner
[2009.12.15 19:46:04 | 00,000,000 | ---D | C] -- C:\Programme\TrendMicro
[2009.12.12 13:37:37 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\Neuer Ordner
[2009.12.11 23:02:05 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Lokale Einstellungen\Anwendungsdaten\FullTiltPoker
[2009.12.11 23:01:15 | 00,000,000 | ---D | C] -- C:\Programme\Full Tilt Poker
[2009.12.11 22:55:18 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Lokale Einstellungen\Anwendungsdaten\FullTiltPoker.NET
[2009.12.11 22:53:32 | 00,000,000 | ---D | C] -- C:\Programme\Full Tilt Poker.Net
[2009.12.08 21:45:06 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\kerri
[2009.11.28 19:07:00 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\TransFO
[2009.11.28 19:06:43 | 00,000,000 | RHSD | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\transfremes
[2009.11.22 19:20:10 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\Downloads
[2009.11.22 17:54:38 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WindowsLiveInstaller
[2009.11.22 17:54:30 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLInstaller
[2009.07.23 14:15:46 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2009.01.30 21:45:47 | 00,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2009.01.30 21:45:47 | 00,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2009.01.30 21:45:47 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2008.07.23 21:54:30 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Adobe
[2008.07.23 21:54:13 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009.12.16 16:53:14 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\OTL.exe
[2009.12.16 16:13:44 | 00,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.16 16:11:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.16 16:11:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.16 16:11:27 | 15,428,36224 | -HS- | M] () -- C:\hiberfil.sys
[2009.12.16 16:10:45 | 05,242,880 | -H-- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\NTUSER.DAT
[2009.12.16 16:09:33 | 00,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\ntuser.ini
[2009.12.16 16:03:22 | 00,731,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\gehweg.exe
[2009.12.16 14:27:58 | 00,000,597 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\My Sharing Folders.lnk
[2009.12.15 23:16:37 | 00,014,081 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\logs.rar
[2009.12.15 23:12:18 | 00,781,909 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\RSIT.exe
[2009.12.15 23:11:01 | 00,000,053 | RHS- | M] () -- C:\autorun.inf
[2009.12.15 21:53:37 | 00,000,682 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.15 21:49:46 | 00,001,926 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\cc_20091215_214929.reg
[2009.12.15 21:49:13 | 00,120,914 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\cc_20091215_214908.reg
[2009.12.15 21:43:01 | 00,001,518 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\CCleaner.lnk
[2009.12.15 19:46:16 | 00,002,443 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\HiJackThis.lnk
[2009.12.15 16:21:02 | 00,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\spider.sav
[2009.12.14 20:35:29 | 00,001,418 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\wklnhst.dat
[2009.12.12 00:48:10 | 00,045,763 | -H-- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\mxfilerelatedcache.mxc2
[2009.12.11 12:54:29 | 01,074,602 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.12.11 12:54:29 | 00,460,664 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2009.12.11 12:54:29 | 00,442,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.11 12:54:29 | 00,085,396 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2009.12.11 12:54:29 | 00,071,868 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.10 17:56:17 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.10 15:08:38 | 00,074,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\Bewrbung Fedex.wps
[2009.12.08 23:08:44 | 00,065,024 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.11.22 19:24:25 | 00,094,811 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\PDF_Rechnung_M211090093273323_11-2009.pdf
[2009.11.22 19:21:24 | 00,094,416 | ---- | M] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\PDF_Rechnung_M211090090692686_10-2009.pdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009.12.16 16:03:19 | 00,731,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\gehweg.exe
[2009.12.15 23:16:37 | 00,014,081 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\logs.rar
[2009.12.15 23:12:18 | 00,781,909 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\RSIT.exe
[2009.12.15 21:53:37 | 00,000,682 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.15 21:49:31 | 00,001,926 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\cc_20091215_214929.reg
[2009.12.15 21:49:09 | 00,120,914 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\cc_20091215_214908.reg
[2009.12.15 21:43:01 | 00,001,518 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\CCleaner.lnk
[2009.12.15 19:46:04 | 00,002,443 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\HiJackThis.lnk
[2009.12.12 00:48:03 | 00,045,763 | -H-- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\mxfilerelatedcache.mxc2
[2009.12.10 14:49:19 | 00,074,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\Bewrbung Fedex.wps
[2009.11.22 19:24:24 | 00,094,811 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\PDF_Rechnung_M211090093273323_11-2009.pdf
[2009.11.22 19:21:23 | 00,094,416 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop\PDF_Rechnung_M211090090692686_10-2009.pdf
[2009.11.22 17:56:36 | 00,000,597 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Eigene Dateien\My Sharing Folders.lnk
[2009.10.14 20:11:22 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.08.05 20:23:23 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.08.05 20:23:18 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.08.05 20:23:18 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.08.05 20:23:17 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.08.05 20:23:15 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.08.05 20:23:15 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.05.17 18:34:37 | 00,059,500 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008.04.19 18:30:16 | 00,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2008.04.13 10:27:27 | 00,004,342 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Hewlett-PackardHP PSC 1400 series1170610957_PROTOCOL.log
[2008.04.13 10:27:27 | 00,000,232 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Hewlett-PackardHP PSC 1400 series1170610957_API.log
[2008.04.13 10:27:26 | 00,001,286 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\Hewlett-PackardHP PSC 1400 series1170610957_UI.log
[2008.04.13 10:27:26 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008.03.04 20:51:28 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.03.03 21:47:43 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008.03.03 19:58:13 | 00,000,111 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2007.10.11 17:59:24 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007.02.04 18:33:32 | 00,003,167 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2006.12.16 19:33:28 | 00,001,418 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Anwendungsdaten\wklnhst.dat
[2006.10.31 20:00:21 | 00,065,024 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.10.31 19:27:29 | 00,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\Shukri Bajgora\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.09.16 03:05:01 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.16 02:44:38 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.09.16 02:41:48 | 00,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.09.16 02:41:27 | 00,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006.09.16 02:33:29 | 00,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.09.16 01:48:16 | 00,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.09.16 01:41:17 | 00,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001.07.06 15:30:00 | 00,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000.04.04 21:02:10 | 00,143,360 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
< End of report >

Extras logfile:
Code:
OTL Extras logfile created on: 16.12.2009 16:54:07 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Dokumente und Einstellungen\Shukri Bajgora\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,44 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 67,07% Memory free
4,00 Gb Paging File | 3,86 Gb Available in Paging File | 96,44% Paging File free
Paging file location(s): C:\pagefile.sys 3022 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,05 Gb Total Space | 121,37 Gb Free Space | 81,43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SHUKRI
Current User Name: Shukri Bajgora
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\Alice\Signup\AliceCnn.exe" = C:\Programme\Alice\Signup\AliceCnn.exe:*:Enabled:Alice Einwahlassistent -- File not found
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\English\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\English\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup -- (Kaspersky Lab)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\AVG\AVG8\avgemc.exe" = C:\Programme\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG8\avgupd.exe" = C:\Programme\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Programme\AVG\AVG8\avgnsx.exe" = C:\Programme\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BFD2603-0F69-4AAC-9189-60EC466CA348}" = ArcSoft VideoImpression 2
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{193DB24F-9A66-4896-8404-22D53EA89075}" = 1400_Help
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{266959FA-0AEE-41D0-A88E-F1EAC10A7C14}" = 1400
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{33F8EAD4-B6EC-498B-B487-696B973D1C0C}" = Windows Live Messenger
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{621AF8B2-75D2-4074-BA44-79178A617255}" = Windows Live installer
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6814036F-EFA8-4D45-B76B-2EDEEAE6C51B}" = WLAN Monitor
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D17044-BF23-4AA5-829C-93E16129EA74}" = Schreibmaschinenkurs 3.5
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch
"{B1271FC1-A638-431F-B7FA-2892F8B3FB53}" = KIKA-ROM 3
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C510CA36-98D6-4F07-8AFF-81E7399A075B}" = 1400Trb
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C87E3974-50FD-4CA7-B3DA-DA7A83B2239C}" = Vimicro Cam 2nd Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D6FD93C9-F253-4127-B94A-E454B5E07A38}" = KIKA-Karaoke
"{DEA5062A-C2FB-4D0A-B558-5B7C8E2E1BF9}" = Vimicro Cam 2nd Edition
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"AVG8Uninstall" = AVG 8.5
"CCleaner" = CCleaner
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"InstallShield_{6814036F-EFA8-4D45-B76B-2EDEEAE6C51B}" = WLAN Monitor
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.0 (Full)
"lvdrivers_11.50" = Logitech QuickCam-Treiberpaket
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE (D)
"MAGIX Fotos auf CD D" = MAGIX Fotos auf CD (D)
"MAGIX Media Suite - Standard Edition D" = MAGIX Media Suite - Standard Edition (D)
"MAGIX mp3 maker SE D" = MAGIX mp3 maker SE (D)
"MAGIX Online Druck Service (FS)" = MAGIX Online Druck Service (FS)
"MAGIX Video deLuxe SE D" = MAGIX Video deLuxe SE (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero OEM
"QuickTime" = QuickTime
"Shockwave" = Shockwave
"TeamViewer 4" = TeamViewer 4
"VLC media player" = VideoLAN VLC media player 0.8.6a
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.11.2009 14:11:15 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 18.11.2009 16:20:36 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 20.11.2009 13:20:34 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 20.11.2009 14:04:14 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 20.11.2009 17:05:03 | Computer Name = SHUKRI | Source = Windows Live Messenger | ID = 1000
Description =
Error - 22.11.2009 05:36:38 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 22.11.2009 10:41:42 | Computer Name = SHUKRI | Source = Windows Live Messenger | ID = 1000
Description =
Error - 22.11.2009 12:32:24 | Computer Name = SHUKRI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wlcomm.exe, Version 14.0.8098.930, fehlgeschlagenes
Modul cvasds0.dll, Version 0.0.0.0, Fehleradresse 0x00020615.
Error - 25.11.2009 08:51:22 | Computer Name = SHUKRI | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msnmsgr.exe, Version 8.5.1235.517, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 04.12.2009 09:48:25 | Computer Name = SHUKRI | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.1.3593, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >