| TommyXP08 | 18.07.2010 15:05 |
Anbei die gewünschten Logs
Malwarebytes Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4323
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
18.07.2010 14:59:37
mbam-log-2010-07-18 (14-59-37).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|G:\|M:\|N:\|P:\|)
Durchsuchte Objekte: 319861
Laufzeit: 1 Stunde(n), 35 Minute(n), 14 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 11
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Programme\pdfforge Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Microsoft\Installer\{CCD58DA0-8FC9-40F6-9346-5B1528DEA638}\NewShortcut7_CCD58DA08FC940F693465B1528DEA638.reg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Microsoft\Installer\{CCD58DA0-8FC9-40F6-9346-5B1528DEA638}\NewShortcut8_CCD58DA08FC940F693465B1528DEA638.reg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\WINDOWS\temp\1C.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\temp\1E.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\G56V8XYZ\exe[1].exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\config\countryflag.dll (Malware.Packer) -> Quarantined and deleted successfully.
P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\config\countryflag32.dll (Malware.Packer) -> Quarantined and deleted successfully.
P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\lang\es_ES_T.dll (Trojan.KillAV) -> Quarantined and deleted successfully.
P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\lang\fr_FR.dll (Trojan.KillAV) -> Quarantined and deleted successfully.
P:\Programme\Music\BPM-Studio Profi\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
OTL Log Code:
OTL logfile created on: 18.07.2010 15:11:06 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Rühle\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 20,13 Gb Total Space | 0,64 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 19,53 Gb Total Space | 4,79 Gb Free Space | 24,52% Space Free | Partition Type: NTFS
Drive G: | 29,30 Gb Total Space | 5,42 Gb Free Space | 18,49% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 39,07 Gb Total Space | 5,60 Gb Free Space | 14,34% Space Free | Partition Type: NTFS
Drive N: | 465,76 Gb Total Space | 371,47 Gb Free Space | 79,76% Space Free | Partition Type: NTFS
Drive P: | 41,01 Gb Total Space | 0,48 Gb Free Space | 1,17% Space Free | Partition Type: NTFS
Computer Name: TOMMY
Current User Name: Rühle
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Rühle\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe ()
PRC - P:\Programme\Sonstige\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - P:\Programme\Internet\Advanced VPN Client\NCPRWSNT.EXE (NCP Engineering GmbH)
PRC - P:\Programme\Internet\Advanced VPN Client\ncpclcfg.exe ()
PRC - P:\Programme\Internet\Advanced VPN Client\RWSRSU.exe ()
PRC - C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - P:\Programme\Sonstige\BlueSoleil\BlueSoleil.exe (IVT Corporation)
PRC - P:\Programme\Sonstige\BlueSoleil\BTNtService.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - P:\Programme\Internet\Advanced VPN Client\NCPSEC.EXE ()
PRC - P:\Programme\Office\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
PRC - P:\Programme\Office\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Rühle\Desktop\OTL.exe (OldTimer Tools)
MOD - P:\Programme\Sonstige\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (iPod Service) -- P:\Programme\iPod\bin\iPodService.exe File not found
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (WiselinkPro) -- P:\Programme\Video\SAMSUNG PC Share Manager\WiselinkPro.exe ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BRA_Scheduler) -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe ()
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (usnjsvc) -- C:\Programme\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (ncprwsnt) -- P:\Programme\Internet\Advanced VPN Client\NCPRWSNT.EXE (NCP Engineering GmbH)
SRV - (ncpclcfg) -- P:\Programme\Internet\Advanced VPN Client\ncpclcfg.exe ()
SRV - (rwsrsu) -- P:\Programme\Internet\Advanced VPN Client\RWSRSU.exe ()
SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)
SRV - (BlueSoleil Hid Service) -- P:\Programme\Sonstige\BlueSoleil\BTNtService.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (NcpSec) -- P:\Programme\Internet\Advanced VPN Client\NCPSEC.EXE ()
========== Driver Services (SafeList) ==========
DRV - (zntport) -- C:\WINDOWS\System32\zntport.sys File not found
DRV - (vvftUVC) -- C:\WINDOWS\System32\drivers\vvftUVC.sys File not found
DRV - (VMUVC) -- C:\WINDOWS\System32\Drivers\VMUVC.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys File not found
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys File not found
DRV - (Pcouffin) -- C:\WINDOWS\System32\Drivers\Pcouffin.sys File not found
DRV - (mbr) -- C:\DOKUME~1\RHLE~1\LOKALE~1\Temp\mbr.sys File not found
DRV - (ASInsHelp) -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys File not found
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin)
DRV - (ttBudget2) TechnoTrend BDA/DVB (BDA) -- C:\WINDOWS\system32\drivers\ttBudget2.sys (TechnoTrend AG)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (ncplentp) -- C:\WINDOWS\system32\drivers\NCPLENTP.SYS ()
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation)
DRV - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\WINDOWS\system32\drivers\s116unic.sys (MCCI Corporation)
DRV - (s116obex) -- C:\WINDOWS\system32\drivers\s116obex.sys (MCCI Corporation)
DRV - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\WINDOWS\system32\drivers\s116nd5.sys (MCCI Corporation)
DRV - (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s116mgmt.sys (MCCI Corporation)
DRV - (s116mdm) -- C:\WINDOWS\system32\drivers\s116mdm.sys (MCCI Corporation)
DRV - (s116mdfl) -- C:\WINDOWS\system32\drivers\s116mdfl.sys (MCCI Corporation)
DRV - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\WINDOWS\system32\drivers\s116bus.sys (MCCI Corporation)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SE27obex) -- C:\WINDOWS\system32\drivers\SE27obex.sys (MCCI)
DRV - (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\SE27mgmt.sys (MCCI)
DRV - (SE27mdm) -- C:\WINDOWS\system32\drivers\SE27mdm.sys (MCCI)
DRV - (SE27mdfl) -- C:\WINDOWS\system32\drivers\SE27mdfl.sys (MCCI)
DRV - (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI)
DRV - (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) -- C:\WINDOWS\system32\drivers\se27nd5.sys (MCCI)
DRV - (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) -- C:\WINDOWS\system32\drivers\se27unic.sys (MCCI)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (FTLUND) -- C:\WINDOWS\system32\drivers\ftlund.sys (FTDI Ltd.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation)
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation)
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys ()
DRV - (nvatabus) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation)
DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (k750obex) -- C:\WINDOWS\system32\drivers\k750obex.sys (MCCI)
DRV - (k750mgmt) -- C:\WINDOWS\system32\drivers\k750mgmt.sys (MCCI)
DRV - (k750mdm) -- C:\WINDOWS\system32\drivers\k750mdm.sys (MCCI)
DRV - (k750mdfl) -- C:\WINDOWS\system32\drivers\k750mdfl.sys (MCCI)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\WINDOWS\system32\drivers\k750bus.sys (MCCI)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation)
DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTictwl.sys ()
DRV - (DSDrv4) -- P:\Programme\TV-Karte\DScaler\DSDrv4.sys ()
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (HCWBT8XX) -- C:\WINDOWS\system32\drivers\HCWBT8xx.sys (Hauppauge Computer Works)
DRV - (cdrbsvsd) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys (B.H.A Corporation)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (phil2vid) Philips VGA-Kamera (USB) -- C:\WINDOWS\system32\drivers\philcam2.sys (Microsoft Corporation)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://de.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.0.7
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.55
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Programme\Google\Google Gears\Firefox\ [2010.03.06 12:50:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.27 15:24:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.27 15:24:05 | 000,000,000 | ---D | M]
[2009.09.27 11:30:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Extensions
[2010.07.17 22:04:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions
[2008.07.02 21:36:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.01.02 00:47:38 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
[2010.05.09 18:13:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\exif_viewer@mozilla.doslash.org
[2009.09.27 11:31:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\piclens@cooliris.com
[2008.06.17 23:05:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\turntoolviewer@turntool.com
[2007.09.23 14:34:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\extensions\videodowloader@videodownloader.net
[2010.07.17 22:04:48 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-1.xml
[2008.07.17 21:44:10 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-2.xml
[2008.09.24 22:58:51 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-3.xml
[2008.11.13 23:55:47 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-4.xml
[2008.12.17 23:56:02 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-5.xml
[2008.12.20 22:12:30 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin-6.xml
[2008.02.19 19:16:46 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Mozilla\Firefox\Profiles\6r2guqhk.default\searchplugins\icqplugin.xml
[2010.07.17 22:04:48 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.07.02 21:20:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.08 19:07:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2004.07.03 22:09:11 | 000,140,800 | ---- | M] (Icenet LLC) -- C:\Programme\Mozilla Firefox\plugins\al2np.dll
[2008.08.16 18:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\CgpCore.dll
[2008.08.16 18:42:12 | 000,091,448 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\confmgr.dll
[2008.08.16 18:42:08 | 000,020,800 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\ctxlogging.dll
[2008.05.21 09:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcm80.dll
[2008.05.21 09:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcp80.dll
[2008.05.21 09:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcr80.dll
[2008.06.19 10:16:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Programme\Mozilla Firefox\plugins\MyCamera.dll
[2008.06.19 10:16:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Programme\Mozilla Firefox\plugins\NPCIG.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.08.16 18:44:46 | 000,427,312 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npicaN.dll
[2008.08.16 18:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\TcpPServ.dll
[2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.02.23 23:06:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - P:\Programme\Office\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - P:\Programme\Hardware\Drucker\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - P:\Programme\Internet\robocom\roboform.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - P:\Programme\Internet\robocom\roboform.dll (Siber Systems)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - P:\Programme\Internet\robocom\roboform.dll (Siber Systems)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk = P:\Programme\Sonstige\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = P:\Programme\Sonstige\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Easy-WebPrint - Drucken - P:\Programme\Hardware\Drucker\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - P:\Programme\Hardware\Drucker\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - P:\Programme\Hardware\Drucker\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - P:\Programme\Hardware\Drucker\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: In Adobe PDF konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - P:\Programme\Office\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: RF - Formular ausfüllen - P:\Programme\Internet\robocom\RoboFormComFillForms.html ()
O8 - Extra context menu item: RF - Formular speichern - P:\Programme\Internet\robocom\RoboFormComSavePass.html ()
O8 - Extra context menu item: RF - Menü anpassen - P:\Programme\Internet\robocom\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - P:\Programme\Internet\robocom\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - P:\Programme\Office\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - P:\Programme\Internet\robocom\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - P:\Programme\Internet\robocom\RoboFormComFillForms.html ()
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - P:\Programme\Internet\robocom\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - P:\Programme\Internet\robocom\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - P:\Programme\Internet\robocom\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - P:\Programme\Internet\robocom\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - P:\Programme\Office\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: cyber-deployment.com ([]http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: cyber-deployment.com ([]http in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Rühle\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Rühle\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.01.24 23:10:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.02.23 22:33:47 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.02.23 22:33:47 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.02.23 22:33:47 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.02.23 22:33:48 | 000,000,000 | RHSD | M] - M:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.02.23 22:33:48 | 000,000,000 | RHSD | M] - P:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{04451b77-37cc-11de-bc7e-0011d849f781}\Shell\AutoRun\command - "" = RESTORE\k-1-3542-4232123213-7676767-8888886\RanDll.exe
O33 - MountPoints2\{04451b77-37cc-11de-bc7e-0011d849f781}\Shell\open\command - "" = RESTORE\k-1-3542-4232123213-7676767-8888886\RanDll.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.07.18 11:29:52 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rühle\Desktop\OTL.exe
[2010.07.17 13:01:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rühle\Desktop\backups
[2010.07.17 12:58:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rühle\Desktop\lspfix
[2010.07.17 12:57:55 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Rühle\Desktop\HiJackThis204.exe
[2010.07.15 19:03:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Macromedia
[2010.07.14 23:49:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Xilisoft
[2010.07.14 22:19:37 | 000,000,000 | ---D | C] -- C:\Programme\Video
[2010.07.10 19:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CSP
[2010.07.03 20:32:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rühle\Desktop\wm
[2010.06.27 12:49:13 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\Brother
[2010.06.27 12:42:54 | 000,000,000 | ---D | C] -- C:\Programme\Brother
[2005.05.10 21:39:28 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2005.05.10 21:39:28 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[349 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Dokumente und Einstellungen\Rühle\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rühle\Eigene Dateien\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.18 15:02:20 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.18 15:02:17 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-920026266-839522115-1003.job
[2010.07.18 15:02:15 | 000,205,884 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.07.18 15:02:15 | 000,002,191 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
[2010.07.18 15:02:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.18 15:02:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.18 15:00:30 | 021,233,664 | -H-- | M] () -- C:\Dokumente und Einstellungen\Rühle\NTUSER.DAT
[2010.07.18 14:55:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.18 11:29:52 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rühle\Desktop\OTL.exe
[2010.07.18 00:06:19 | 000,196,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.17 12:57:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Rühle\Desktop\HiJackThis204.exe
[2010.07.16 19:49:16 | 000,001,099 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Anwendungsdaten\ShiftN.ini
[2010.07.14 23:48:08 | 000,000,845 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2010.07.14 20:02:11 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.13 22:41:10 | 000,000,629 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Free Video Joiner.lnk
[2010.07.13 21:22:28 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.07.10 19:07:08 | 000,001,595 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SAMSUNG PC Share Manager.lnk
[2010.07.06 23:38:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.05 23:31:59 | 000,376,684 | ---- | M] () -- C:\Dokumente und Einstellungen\Rühle\Desktop\8_passig_gemacht.jpg
[2010.06.27 15:24:10 | 000,001,566 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.06.27 12:59:43 | 000,000,425 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010.06.27 12:53:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010.06.26 11:21:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-920026266-839522115-1003.job
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[349 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Dokumente und Einstellungen\Rühle\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rühle\Eigene Dateien\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.14 23:48:07 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2010.07.13 22:41:10 | 000,000,629 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Free Video Joiner.lnk
[2010.07.10 19:07:08 | 000,001,595 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SAMSUNG PC Share Manager.lnk
[2010.07.05 23:31:58 | 000,376,684 | ---- | C] () -- C:\Dokumente und Einstellungen\Rühle\Desktop\8_passig_gemacht.jpg
[2010.06.27 12:31:26 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.06.27 12:31:26 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.05.13 23:06:55 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.03.29 16:24:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.06 16:46:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.04.06 16:23:37 | 000,073,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\NCPLENTP.SYS
[2008.04.02 00:15:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PPViewer.INI
[2008.03.13 20:45:39 | 000,000,353 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2008.03.13 20:30:06 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\custmon2k.dll
[2008.03.13 20:14:53 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2008.03.13 20:14:28 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.11.19 23:33:52 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.11.19 23:33:51 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007.10.06 00:29:42 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2007.10.06 00:29:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll
[2007.09.23 14:55:56 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2007.09.23 14:55:56 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2007.09.23 14:55:56 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007.05.05 21:27:40 | 000,000,026 | ---- | C] () -- C:\WINDOWS\GaebGetter.INI
[2007.02.11 16:24:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\HPPAPR01.DLL
[2006.11.11 11:55:20 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2006.10.19 23:05:32 | 000,000,444 | ---- | C] () -- C:\WINDOWS\3gptoavi3.INI
[2006.07.17 02:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006.07.17 02:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006.05.27 18:00:43 | 000,001,248 | ---- | C] () -- C:\WINDOWS\System32\vscfdx.dll
[2006.05.27 17:58:49 | 000,000,067 | ---- | C] () -- C:\WINDOWS\batchrec.ini
[2006.04.15 10:00:04 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006.03.09 15:29:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.03.09 15:29:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.03.09 15:29:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.03.09 15:29:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.03.09 15:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.03.09 15:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.02.18 16:48:28 | 000,000,071 | ---- | C] () -- C:\WINDOWS\KTEL.INI
[2006.02.09 01:06:12 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2006.01.22 22:39:09 | 000,000,051 | ---- | C] () -- C:\WINDOWS\TSetup.INI
[2005.12.26 13:40:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.12.26 13:38:56 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2005.10.30 21:39:40 | 000,000,016 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.10.27 23:26:05 | 000,000,185 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.01 11:19:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005.09.16 20:01:21 | 000,012,062 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2005.09.16 19:58:37 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2005.09.09 17:11:43 | 000,001,798 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.08.27 14:51:15 | 000,000,203 | ---- | C] () -- C:\WINDOWS\videodeLuxe.INI
[2005.08.27 14:47:42 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005.08.27 14:37:53 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini
[2005.08.27 14:37:52 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005.08.05 01:07:47 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2005.08.05 01:07:47 | 000,004,962 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2005.07.29 16:21:32 | 000,011,988 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2005.07.16 23:02:00 | 000,001,071 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2005.07.13 15:05:56 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\winxp32.sys
[2005.05.05 15:52:47 | 000,000,272 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2005.05.05 15:51:26 | 000,209,920 | ---- | C] () -- C:\WINDOWS\fpuninst.dll
[2005.03.29 21:09:01 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2005.03.26 21:04:45 | 000,000,701 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2005.03.12 23:19:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.02.19 19:44:39 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005.02.19 19:44:39 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005.02.19 19:44:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005.02.19 19:44:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005.02.19 19:44:39 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005.02.19 19:44:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005.02.19 19:01:53 | 000,000,032 | ---- | C] () -- C:\WINDOWS\HCWBTDLG.INI
[2005.02.19 18:57:18 | 000,000,877 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2005.02.19 00:18:04 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005.02.14 18:03:44 | 000,000,468 | ---- | C] () -- C:\WINDOWS\bobdown.ini
[2005.02.13 01:43:00 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2005.01.30 22:35:59 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2005.01.30 21:09:59 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.01.26 21:37:33 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2005.01.26 21:05:27 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.01.25 00:52:21 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.01.25 00:51:43 | 000,000,023 | ---- | C] () -- C:\WINDOWS\PTSPEECH.INI
[2005.01.25 00:51:38 | 000,000,190 | ---- | C] () -- C:\WINDOWS\LangIDlib.INI
[2005.01.25 00:51:38 | 000,000,143 | ---- | C] () -- C:\WINDOWS\DICTEDIT.INI
[2005.01.25 00:51:34 | 000,001,140 | ---- | C] () -- C:\WINDOWS\tm.ini
[2005.01.25 00:51:30 | 000,002,364 | ---- | C] () -- C:\WINDOWS\PTP2004G.INI
[2005.01.25 00:35:50 | 000,000,926 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.01.24 23:52:50 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.01.24 23:52:47 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.01.24 23:45:37 | 000,000,269 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2005.01.24 23:45:18 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005.01.24 23:45:17 | 000,006,344 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005.01.24 23:45:15 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005.01.15 10:31:58 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib.dll
[2004.12.16 16:32:54 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2004.12.14 12:19:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.08.12 12:33:02 | 000,321,024 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2004.08.12 11:50:46 | 000,140,800 | ---- | C] () -- C:\WINDOWS\System32\pmjp.dll
[2004.08.04 02:57:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.06.04 21:22:14 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2004.05.18 22:20:50 | 000,622,592 | ---- | C] () -- C:\WINDOWS\System32\contfilt.dll
[2004.03.18 09:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003.11.26 10:47:24 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2003.03.11 12:56:52 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010205PNG.dll
[2003.03.11 12:56:36 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010104Z.dll
[2003.03.11 12:56:24 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX015003JP2.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.04.01 18:45:50 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2000.04.03 23:00:00 | 000,130,560 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL
[1998.04.24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:8FF81EB0
< End of report >
OTL Extras Log Code:
OTL Extras logfile created on: 18.07.2010 15:11:06 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Rühle\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 20,13 Gb Total Space | 0,64 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 19,53 Gb Total Space | 4,79 Gb Free Space | 24,52% Space Free | Partition Type: NTFS
Drive G: | 29,30 Gb Total Space | 5,42 Gb Free Space | 18,49% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 39,07 Gb Total Space | 5,60 Gb Free Space | 14,34% Space Free | Partition Type: NTFS
Drive N: | 465,76 Gb Total Space | 371,47 Gb Free Space | 79,76% Space Free | Partition Type: NTFS
Drive P: | 41,01 Gb Total Space | 0,48 Gb Free Space | 1,17% Space Free | Partition Type: NTFS
Computer Name: TOMMY
Current User Name: Rühle
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "P:\Programme\Grafik\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [Betrachten mit XnView] -- "P:\Programme\Grafik\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [Digital Photo Professional] -- P:\Programme\Grafik\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "P:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "P:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "P:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"enablefirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\WINDOWS\TEMP\alg.exe" = C:\WINDOWS\TEMP\alg.exe:*:Enabled:Application Layer Gateway Service -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\emule.exe" = P:\Programme\Internet\eMule0.46c-ionix-4.33-uni-bin.dl.by.www.emulebase.de\eMule0.46c-ionix-4.33-uni-bin\emule.exe:*:Enabled:eMule iONiX Mod -- (hxxp://www.emule-project.net)
"G:\Programme\GameSpy Arcade\Aphex.exe" = G:\Programme\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"G:\Programme\EA GAMES\Need for Speed Underground 2\SPEED2.EXE" = G:\Programme\EA GAMES\Need for Speed Underground 2\SPEED2.EXE:*:Enabled:SPEED2 -- ()
"G:\Programme\Electronic Arts\Need for Speed Carbon\NFSC.exe" = G:\Programme\Electronic Arts\Need for Speed Carbon\NFSC.exe:*:Enabled:NFSC -- ()
"P:\Programme\Sonstige\BlueSoleil\BlueSoleil.exe" = P:\Programme\Sonstige\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Programme\Java\jre1.5.0_10\bin\javaw.exe" = C:\Programme\Java\jre1.5.0_10\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"P:\Programme\Internet\Azureus\Azureus.exe" = P:\Programme\Internet\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"P:\Programme\Video\VideoLAN\vlc.exe" = P:\Programme\Video\VideoLAN\vlc.exe:*:Enabled:VLC media player -- ()
"P:\utorrent161.exe" = P:\utorrent161.exe:*:Enabled:µTorrent -- ()
"P:\Programme\Hardware\WMU-6500FS\Configure.exe" = P:\Programme\Hardware\WMU-6500FS\Configure.exe:*:Enabled:Configure -- (OvisLink Corp.)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\ITscope MarketViewer 2.0\jre\bin\javaw.exe" = C:\Programme\ITscope MarketViewer 2.0\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_03\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_03\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"P:\Programme\Internet\Advanced VPN Client\NCPMON.exe" = P:\Programme\Internet\Advanced VPN Client\NCPMON.exe:*:Enabled:ncpmon.exe -- (NCP engineering GmbH)
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"G:\Programme\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe" = G:\Programme\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage -- (Empire Interactive Ltd.)
"C:\Programme\Java\jre1.6.0_07\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"P:\Programme\Music\MusicBrainz Picard\picard.exe" = P:\Programme\Music\MusicBrainz Picard\picard.exe:*:Enabled:The next generation MusicBrainz tagger -- ()
"C:\Programme\Brother\BRAdmin Professional 3\discover.exe" = C:\Programme\Brother\BRAdmin Professional 3\discover.exe:*:Enabled:BRAdmin Professional 3 -- ()
"C:\Programme\Brother\BRAdmin Professional 3\AuditorServer.exe" = C:\Programme\Brother\BRAdmin Professional 3\AuditorServer.exe:*:Enabled:BRAdmin Professional 3 -- ()
"C:\Programme\Brother\BRAdmin Professional 3\bradminv3.exe" = C:\Programme\Brother\BRAdmin Professional 3\bradminv3.exe:*:Enabled:BRAdmin Professional 3 -- (Brother Industries, Ltd.)
"P:\Programme\Video\SAMSUNG PC Share Manager\WiselinkPro.exe" = P:\Programme\Video\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:WiselinkPro -- ()
"P:\Programme\Video\SAMSUNG PC Share Manager\http_ss_win_pro.exe" = P:\Programme\Video\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:http_ss_win_pro -- ()
"C:\WINDOWS\TEMP\alg.exe" = C:\WINDOWS\TEMP\alg.exe:*:Enabled:Application Layer Gateway Service -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner 1.1
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1B399A41-C1D0-40A2-9E4F-095868EFAF01}" = InterVideo WinDVD 5
"{1C04D433-2EDF-4AFB-B31B-C0B13065092F}" = MagicTune3.6_Client_pivot
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Foto-Manager 2009
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{339E14FF-8FDC-4809-AAF2-87BA22905C7F}" = DirectX for Managed Code Update (December 2004)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}" = Citrix XenApp Plugin für gehostete Anwendungen
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A0BAA62-FE2F-4C93-A10B-5E6DE3B424A5}" = BlueSoleil
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{53480880-18E0-4097-A460-F22DD3AC6D70}" = O&O DiskRecovery
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6BF4613C-0A46-43AA-8FA8-0CB9F2C1A548}" = InterVideo WinDVR 3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Professional 2002
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}" = Apple Software Update
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9CCD6A-495C-43B3-8CBC-71BE9B0B9DC2}" = Zeitungen und Visitenkarten
"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Anmelde-Assistent
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD58DA0-8FC9-40F6-9346-5B1528DEA638}" = IndyCar Series
"{CD522250-7AEE-4266-A821-6FB7C7018F13}" = ImageShack QuickLoad
"{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3GP Video Converter 3" = 3GP Video Converter 3
"Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AI RoboForm" = AI RoboForm (All Users)
"AirLive WMU-6500FS" = AirLive WMU-6500FS
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"baywotch3_is1" = BayWotch Update v3.1.101
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CSCLIB" = Canon Camera Support Core Library
"DPP" = Canon Utilities Digital Photo Professional 3.4
"DRI Tool 2.0_is1" = DRI Tool 2.0
"DScaler 4.1.10_is1" = DScaler 4.1.10
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Dynamic-Photo HDR 4 (Trial)_is1" = Dynamic-Photo HDR Trial 4.5
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"EOS Utility" = Canon Utilities EOS Utility
"Exif-Viewer" = Exif-Viewer 2.40
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"FLV Player" = FLV Player 2.0, build 24
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"FTDICOMM" = SEMC DSS SyncStation Driver
"GameSpy Arcade" = GameSpy Arcade
"GcMail_is1" = GcMail
"Indeo® software" = Indeo® software
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA-Treiber
"InstallShield_{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 1.7
"MAGIX Media Manager 2004 gold" = MAGIX Media Manager 2004 gold
"MAGIX Online Druck Service" = MAGIX Online Druck Service
"MAGIX Video deLuxe 2005 PLUS" = MAGIX Video deLuxe 2005 PLUS
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketViewer" = MarketViewer 2.0.8
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MPE" = MyPhoneExplorer
"MusicBrainz Picard" = MusicBrainz Picard
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NCP RWS/GA" = LANCOM Advanced VPN Client
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.4-05-12-06-01" = OpenMG Limited Patch 4.4-06-13-19-01
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PDFill PDF Writer" = PDFill PDF Writer
"PDF-XChange 3_is1" = PDF-XChange 3
"Personal Translator 2004 Office plus" = Personal Translator 2004 Office plus
"Phlips Vesta (Pro) Camera Uninstall" = Philips Vesta (Pro) Camera
"Phlips Vesta Camera WebUpdate Uninstall" = Philips Vesta Camera WebUpdate
"Photomatix Basic_is1" = Photomatix Basic version 1.0
"PhotomatixPro3_is1" = Photomatix Pro version 3.1.3
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Qtpfsgui_is1" = Qtpfsgui 1.9.1
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"ShapeCollage" = Shape Collage
"ShiftN_is1" = ShiftN 3.5
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Tunatic" = Tunatic
"Update Service" = Update Service
"VLC media player" = VideoLAN VLC media player 0.8.1
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinISO_is1" = WinISO 5.3
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate 6
"XnView_is1" = XnView 1.96
"XP Codec Pack" = XP Codec Pack
"YouTube Downloader_is1" = YouTube Downloader 2.3
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ITscope MarketViewer 2.0" = ITscope MarketViewer 2.0
"PhotoFiltre" = PhotoFiltre
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.07.2010 16:04:18 | Computer Name = TOMMY | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 12.07.2010 16:04:20 | Computer Name = TOMMY | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 14.07.2010 14:11:08 | Computer Name = TOMMY | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
[ System Events ]
Error - 24.05.2010 13:28:37 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error - 25.05.2010 16:17:11 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 25.05.2010 16:17:11 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NTPort Library Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 25.05.2010 16:17:11 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error - 26.05.2010 04:23:27 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 26.05.2010 04:23:27 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NTPort Library Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 26.05.2010 04:23:27 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error - 26.05.2010 07:59:26 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 26.05.2010 07:59:26 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NTPort Library Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 26.05.2010 07:59:26 | Computer Name = TOMMY | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
[ TuneUp Events ]
Error - 26.08.2009 05:45:27 | Computer Name = TOMMY | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 26.08.2009 06:47:13 | Computer Name = TOMMY | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 26.08.2009 08:49:14 | Computer Name = TOMMY | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
Besten Dank! |
