TR/Crypt:Xpack.gen in Skype.exe
Hi,
ich hatte vor 4 Tagen meinen Laptop angemacht und nachdem ich Skype gestartet hatte, kam eine Meldung von Avira Antivir, dass sich TR/Crypt:Xpack.gen in der Skype.exe befindet.
Ich habe auf entfernen geklickt und dann einen Systemscan mit Avira und Malwarebytes Antimalware gemacht. Es wurde nichts gefunden.
Danach habe ich nochmal einen Scan mit einer Rescue Disk von Kaspersky Antivirus 10 gemacht (mit neuesten Updates). Es wurde wieder nichts gefunden.
Als ich den Laptop dann gestern wieder angeschaltet hatte, kam wieder die Meldung von Avira "TR/Crypt:Xpack.gen" in Skype.exe.
Also habe ich die Systemwiederherstellung ausgestellt und bei Avira auf entfernen geklickt. Habe einen vollen Systemscan mit Malwarebytes gemacht, sowie einen HiJackThis log und einen OTL scan log erstellt.
Dies folgt weiter unten.
Ich bin für Eure Hilfe sehr dankbar.
Frohe Weihnachten,
aware
Hijack This
[CODE]
HiJackthis Logfile: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:19:23, on 25.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\PROGRA~1\Agnitum\Outpost\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ATK Hotkey\HcontrolUser.exe
C:\Programme\ATK Hotkey\MsgTranAgt.exe
C:\Programme\ATKOSD2\ATKOSD2.exe
C:\Programme\Wireless Console 2\wcourier.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Power4 Gear\BatteryLife.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\ATK Hotkey\Hcontrol.exe
F:\iTunes\iTunesHelper.exe
C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ATK Hotkey\ATKOSD.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programme\ATK Hotkey\KBFiltr.exe
C:\Programme\ATK Hotkey\WDC.exe
C:\Programme\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\Agnitum\Outpost\op_mon.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft Office 2007\Office12\ONENOTEM.EXE
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Dokumente und Einstellungen\lucky8\Desktop\HiJackThis204.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programme\Mindjet\MindManager 8\Mm8InternetExplorer.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HControlUser] "C:\Programme\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [MsgTranAgt] "C:\Programme\ATK Hotkey\MsgTranAgt.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Programme\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Programme\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Power_Gear] C:\Programme\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ScanSoft OmniPage 16-reminder] "C:\Programme\ScanSoft\OmniPage\Ereg\Ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\OmniPage 16\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Programme\Agnitum\Outpost\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Programme\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OpAgent] "OpAgent.exe" /agent
O4 - HKCU\..\Run: [TrueCrypt] "C:\Programme\Ud\Ud.exe" /q preferences /a favorites
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programme\Microsoft Office 2007\Office12\ONENOTEM.EXE
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\lucky8\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\lucky8\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programme\Mindjet\MindManager 8\Mm8InternetExplorer.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programme\Agnitum\Outpost\ie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: An Mindjet MindManager senden - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1285851806468
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262448081406
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262448071296
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost\wl_hook.dll apshook.dll
O20 - Winlogon Notify: OneCard - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost\acs.exe
O23 - Service: AdeonaClientService - Unknown owner - C:\Programme\Dell\cygrunsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Programme\webcamXP5\wService.exe
--
End of file - 13552 bytes
--- --- ---
Malwarebytes Anti-Malware Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5388
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
25.12.2010 02:24:42
mbam-log-2010-12-25 (02-24-42).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 296430
Laufzeit: 9 Stunde(n), 39 Minute(n), 48 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL
OTL Logfile: Code:
OTL logfile created on: 25.12.2010 08:45:59 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\X\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 39,06 Gb Total Space | 15,21 Gb Free Space | 38,93% Space Free | Partition Type: NTFS
Drive F: | 49,63 Gb Total Space | 17,74 Gb Free Space | 35,75% Space Free | Partition Type: NTFS
Drive G: | 49,63 Gb Total Space | 34,43 Gb Free Space | 69,37% Space Free | Partition Type: NTFS
Drive H: | 59,08 Mb Total Space | 46,31 Mb Free Space | 78,39% Space Free | Partition Type: FAT
Computer Name: HUMPAA | User Name: X | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\X\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Agnitum\Outpost\op_mon.exe (Agnitum Ltd.)
PRC - C:\Programme\Agnitum\Outpost\acs.exe (Agnitum Ltd.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\WINDOWS\system32\UTSCSI.EXE ()
PRC - C:\Programme\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Programme\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Programme\ATK Hotkey\WDC.exe ()
PRC - C:\Programme\ATK Hotkey\HControlUser.exe ()
PRC - C:\Programme\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Programme\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Programme\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Programme\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programme\Wireless Console 2\wcourier.exe ()
PRC - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe (Cognizance Corporation)
PRC - C:\Programme\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\X\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Programme\Agnitum\Outpost\wl_hook.dll (Agnitum Ltd.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Mindjet\MindManager 8\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\APSHook.dll (Cognizance Corporation)
========== Win32 Services (SafeList) ==========
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll File not found
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (acssrv) -- C:\Programme\Agnitum\Outpost\acs.exe (Agnitum Ltd.)
SRV - (wxpSvc) -- C:\Programme\webcamXP5\wService.exe (Moonware Studios)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (UTSCSI) -- C:\WINDOWS\system32\UTSCSI.EXE ()
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AdeonaClientService) -- C:\Programme\Dell\cygrunsrv.exe ()
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (ASBroker) -- C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ASChannel) -- C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll (Cognizance Corporation)
========== Driver Services (SafeList) ==========
DRV - (slabser) -- C:\WINDOWS\System32\DRIVERS\slabser.sys File not found
DRV - (slabbus) CP2101 USB Composite Device driver (WDM) -- C:\WINDOWS\System32\DRIVERS\slabbus.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SandBox) -- C:\WINDOWS\system32\drivers\SandBox.sys (Agnitum Ltd.)
DRV - (ASWFilt) -- C:\WINDOWS\system32\Filt\ASWFilt.dll (Agnitum Ltd.)
DRV - (afwcore) -- C:\WINDOWS\system32\drivers\afwcore.sys (Agnitum Ltd.)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (truecrypt) -- C:\WINDOWS\system32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (afw) -- C:\WINDOWS\system32\drivers\afw.sys (Agnitum Ltd.)
DRV - (vpnva) -- C:\WINDOWS\system32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (silabser) -- C:\WINDOWS\system32\drivers\silabser.sys (Silicon Laboratories)
DRV - (silabenm) -- C:\WINDOWS\system32\drivers\silabenm.sys (Silicon Laboratories, Inc.)
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (itecir) -- C:\WINDOWS\system32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (kbfiltr) -- C:\WINDOWS\system32\drivers\kbfiltr.sys ( )
DRV - ({95808DC4-FA4A-4c74-92FE-5B863F82066B}) -- C:\Programme\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledItems: {962e0d4d-6b89-4b73-aa72-df03360da12e}:0.3.8
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4
FF - prefs.js..extensions.enabledItems: copyandgo@vimperator:1.2
FF - prefs.js..extensions.enabledItems: ctrl-tab@design-noir.de:0.21.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: dendzones@captaincaveman.nl:1.5.0.2
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.1.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.87
FF - prefs.js..extensions.enabledItems: max@subfighter.com:1.0.3
FF - prefs.js..extensions.enabledItems: {477c4c36-24eb-11da-94d4-00e08161165f}:2.7.6
FF - prefs.js..extensions.enabledItems: activities@kaply.com:0.7.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: multipletab@piro.sakura.ne.jp:0.6.2010120202
FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:1.4
FF - prefs.js..extensions.enabledItems: nosquint@urandom.ca:2.0.3
FF - prefs.js..extensions.enabledItems: openbookmarkintab@piro.sakura.ne.jp:0.1.2010043001
FF - prefs.js..extensions.enabledItems: pastego@jeremy:2.0.4
FF - prefs.js..extensions.enabledItems: pnbuttons@phdul.projects:1.3.2
FF - prefs.js..extensions.enabledItems: {8FFE139B-90A7-4460-A972-9D2738997F6D}:1.6.3
FF - prefs.js..extensions.enabledItems: {d5ea4520-61a1-11da-8cd6-0800200c9a66}:2009.07.19
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.9.4
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9.3
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3.7
FF - prefs.js..extensions.enabledItems: {dc5d9a10-2736-11da-8cd6-0800200c9a66}:1.4.8
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.035
FF - prefs.js..extensions.enabledItems: VacuumPlacesImproved@lultimouomo-gmail.com:1.1
FF - prefs.js..extensions.enabledItems: {9ab67d74-ec41-4cb2-b417-df5d93ba1beb}:1.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7
FF - prefs.js..extensions.enabledItems: cheeaun@phoenity.com:0.5
FF - prefs.js..extensions.enabledItems: {36C13C8F-54F1-412e-8177-2E411719162D}:4.1.1
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://www.icts.unimaas.nl/um.proxy"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Programme\Firefox\components [2010.12.01 13:33:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Programme\Firefox\plugins [2010.12.01 13:33:30 | 000,000,000 | ---D | M]
[2008.08.21 23:34:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Extensions
[2010.12.09 11:39:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions
[2010.11.27 14:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.11.30 22:16:44 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.11.27 14:59:57 | 000,000,000 | ---D | M] (FireShot) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.03.07 10:16:21 | 000,000,000 | ---D | M] (Auto Copy) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
[2010.11.30 22:16:44 | 000,000,000 | ---D | M] (Session Manager) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010.04.28 10:14:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.26 10:52:47 | 000,000,000 | ---D | M] (Qute) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{36C13C8F-54F1-412e-8177-2E411719162D}
[2009.11.08 01:37:06 | 000,000,000 | ---D | M] (Grab and Drag) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}
[2010.03.27 10:47:09 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2010.02.02 18:07:31 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2009.04.06 15:12:13 | 000,000,000 | ---D | M] (Media Converter) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2010.01.09 21:00:18 | 000,000,000 | ---D | M] (QuickPageZoom) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D}
[2009.10.04 14:02:41 | 000,000,000 | ---D | M] (Close Button) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{962e0d4d-6b89-4b73-aa72-df03360da12e}
[2009.09.15 06:53:56 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2010.07.19 07:58:02 | 000,000,000 | ---D | M] (Table2Clipboard) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}
[2010.07.15 17:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.18 17:35:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.07.04 09:32:54 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.11.27 14:59:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.01 15:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009.08.31 15:39:52 | 000,000,000 | ---D | M] (QuickProxy) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66}
[2010.06.18 15:36:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2008.08.22 11:06:00 | 000,000,000 | ---D | M] (Tabs Menu) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{dc5d9a10-2736-11da-8cd6-0800200c9a66}
[2010.06.10 09:07:55 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\X8\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.11.30 22:16:44 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2010.03.21 09:53:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\activities@kaply.com
[2010.03.25 11:23:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\cheeaun@phoenity.com
[2009.11.09 19:16:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\copyandgo@vimperator
[2009.10.04 13:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\CrystalFox_Qute@BigRedBrent
[2010.03.22 23:43:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\ctrl-tab@design-noir.de
[2010.11.30 22:16:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.02.08 23:12:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\dendzones@captaincaveman.nl
[2010.09.25 22:16:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010.07.20 07:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\fastdial@telega.phpnet.us
[2010.11.30 22:16:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\firebug@software.joehewitt.com
[2009.12.04 15:13:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\max@subfighter.com
[2010.12.09 11:39:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\multipletab@piro.sakura.ne.jp
[2009.07.07 13:08:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\nemesis@www.spuler.us
[2010.11.27 14:59:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\netvideohunter@netvideohunter.com
[2009.11.04 11:31:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\nosquint@urandom.ca
[2010.05.10 10:19:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\openbookmarkintab@piro.sakura.ne.jp
[2009.11.09 19:16:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\pastego@jeremy
[2010.04.13 19:26:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\pnbuttons@phdul.projects
[2010.09.20 18:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\tabscope@xuldev.org
[2010.11.27 14:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\unplug@compunach
[2010.03.23 14:48:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\VacuumPlacesImproved@lultimouomo-gmail.com
[2008.09.09 08:13:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\video-dowloader@magic-imv.ro
[2009.04.08 10:55:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\zoomit@disruptive-innovations.com
[2009.07.07 13:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\nemesis@www.spuler.us\chrome\browser\extensions
[2009.07.07 13:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\nemesis@www.spuler.us\chrome\browser\extensions\icons
[2009.07.07 13:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\extensions\nemesis@www.spuler.us\chrome\mozapps\extensions
[2009.01.07 11:27:25 | 000,001,447 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\Mozilla\Firefox\Profiles\d1pj8w7n.default\searchplugins\userlogos.xml
O1 HOSTS File: ([2010.12.01 15:05:25 | 000,427,812 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14727 more lines...
O2 - BHO: (CmjBrowserHelperObject Object) - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programme\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATKHOTKEY] C:\Programme\ATK Hotkey\Hcontrol.exe (ATK0100)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CognizanceTS] C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [Copy Handler] File not found
O4 - HKLM..\Run: [HControlUser] C:\Programme\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MsgTranAgt] C:\Programme\ATK Hotkey\MsgTranAgt.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Programme\Agnitum\Outpost\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Programme\Agnitum\Outpost\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [Power_Gear] C:\Programme\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [ScanSoft OmniPage 16-reminder] C:\Programme\ScanSoft\OmniPage\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Programme\Wireless Console 2\wcourier.exe ()
O4 - HKCU..\Run: [OpAgent] File not found
O4 - HKCU..\Run: [TrueCrypt] C:\Programme\Ud\Ud.exe (TrueCrypt Foundation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\X\Startmenü\Programme\Autostart\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programme\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\X\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\X\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programme\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programme\Agnitum\Outpost\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: An Mindjet MindManager senden - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1285851806468 (MUCatalogWebControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262448081406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262448071296 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.65 217.0.43.81
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpost\wl_hook.dll) - c:\Programme\Agnitum\Outpost\wl_hook.dll (Agnitum Ltd.)
O20 - AppInit_DLLs: (apshook.dll) - C:\WINDOWS\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\Programme\ASUS Security Center\ASUS Security Protect Manager\bin\ocgina.dll) - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\OCGina.dll (Cognizance Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\OneCard: DllName - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\X\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\X\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.08.19 00:34:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8f1c6048-fd15-11dd-8eb4-0016ea55006c}\Shell\AutoRun\command - "" = e.exe
O33 - MountPoints2\{8f1c6048-fd15-11dd-8eb4-0016ea55006c}\Shell\explore\Command - "" = e.exe
O33 - MountPoints2\{8f1c6048-fd15-11dd-8eb4-0016ea55006c}\Shell\open\Command - "" = e.exe
O33 - MountPoints2\{98e80456-d588-11dd-8e69-0016ea55006c}\Shell\AutoRun\command - "" = I:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{992b1fd6-a083-11de-a835-0016ea55006c}\Shell - "" = AutoRun
O33 - MountPoints2\{992b1fd6-a083-11de-a835-0016ea55006c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{992b1fd6-a083-11de-a835-0016ea55006c}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{992b1fd7-a083-11de-a835-0016ea55006c}\Shell\AutoRun\command - "" = K:\boyedt.com -- File not found
O33 - MountPoints2\{992b1fd7-a083-11de-a835-0016ea55006c}\Shell\open\Command - "" = K:\boyedt.com -- File not found
O33 - MountPoints2\{aba59bb8-fb73-11dd-8eaf-0016ea55006c}\Shell - "" = AutoRun
O33 - MountPoints2\{aba59bb8-fb73-11dd-8eaf-0016ea55006c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aba59bb8-fb73-11dd-8eaf-0016ea55006c}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.25 08:42:58 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\X\Desktop\OTL.exe
[2009.04.05 00:30:02 | 004,411,392 | ---- | C] (Gabest) -- C:\Programme\mplayerc6491.exe
[2008.08.19 12:38:00 | 000,005,632 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.25 08:43:02 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\X\Desktop\OTL.exe
[2010.12.24 16:16:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.24 16:13:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.23 21:03:28 | 000,176,640 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.22 23:22:20 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.22 22:45:29 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.12.22 13:36:45 | 000,172,650 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\4.m3u
[2010.12.21 23:23:54 | 014,189,390 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\4hbody.pdf
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.18 19:37:22 | 000,000,569 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\UM.lnk
[2010.12.18 17:12:38 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2010.12.18 16:02:04 | 000,452,914 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.12.18 16:02:04 | 000,436,280 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.18 16:02:04 | 000,081,710 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.12.18 16:02:04 | 000,068,984 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.13 15:34:37 | 000,014,541 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\Experiment_notes.docx
[2010.12.13 15:32:41 | 000,014,520 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\Backup of Experiment_notes.wbk
[2010.12.10 00:59:43 | 000,209,388 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\aa1.jpg
[2010.12.10 00:17:32 | 001,558,221 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\bodymeasures_shirt.pdf
[2010.12.05 11:32:19 | 000,179,406 | ---- | M] () -- C:\Dokumente und Einstellungen\X\Desktop\hemd.jpg
[2010.12.02 16:50:41 | 000,460,824 | ---- | M] () -- C:\snp2uvc-001.raw
[2010.12.01 15:05:25 | 000,427,812 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.11.27 14:56:14 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.16 12:44:02 | 014,189,390 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\4hbody.pdf
[2010.12.13 11:06:04 | 000,014,541 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\Experiment_notes.docx
[2010.12.13 11:06:04 | 000,014,520 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\Backup of Experiment_notes.wbk
[2010.12.10 00:59:42 | 000,209,388 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\aa1.jpg
[2010.12.10 00:17:30 | 001,558,221 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\bodymeasures_shirt.pdf
[2010.12.05 11:32:17 | 000,179,406 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Desktop\hemd.jpg
[2010.08.02 13:50:16 | 000,000,183 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Anwendungsdaten\wss.ini
[2010.08.02 12:20:09 | 000,058,163 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.07.08 15:20:01 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.07.08 15:20:01 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.03.20 11:00:45 | 001,060,424 | ---- | C] () -- C:\WINDOWS\System32\WdfCoInstaller01000.dll
[2009.08.19 16:29:42 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2009.08.19 16:28:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2008.11.02 09:02:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.21 06:33:38 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit_.INI
[2008.09.19 14:44:22 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.08.21 23:34:52 | 000,176,640 | ---- | C] () -- C:\Dokumente und Einstellungen\X\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.21 19:35:16 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.08.20 16:45:13 | 000,000,383 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.08.20 16:34:16 | 000,000,352 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.08.19 21:38:32 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.08.19 14:04:16 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.08.19 01:23:13 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.23 17:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.07.23 17:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.02.04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007.08.28 04:58:00 | 000,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2007.07.18 16:42:42 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007.01.25 18:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005.04.03 00:30:00 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\scardsyn.dll
[1998.05.06 05:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
< End of report >
--- --- ---
OTL EXTRAS
OTL Logfile: Code:
OTL Extras logfile created on: 25.12.2010 08:45:59 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\X\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 39,06 Gb Total Space | 15,21 Gb Free Space | 38,93% Space Free | Partition Type: NTFS
Drive F: | 49,63 Gb Total Space | 17,74 Gb Free Space | 35,75% Space Free | Partition Type: NTFS
Drive G: | 49,63 Gb Total Space | 34,43 Gb Free Space | 69,37% Space Free | Partition Type: NTFS
Drive H: | 59,08 Mb Total Space | 46,31 Mb Free Space | 78,39% Space Free | Partition Type: FAT
Computer Name: HUMPAA | User Name: X | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Microsoft Office 2007\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office 2007\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Miranda IM\miranda32.exe" = C:\Programme\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"F:\iTunes\iTunes.exe" = F:\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Microsoft Office 2007\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office 2007\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\webcamXP5\wLite.exe" = C:\Programme\webcamXP5\wLite.exe:*:Enabled:webcamXP -- (Moonware Studios)
"C:\Programme\webcamXP5\wService.exe" = C:\Programme\webcamXP5\wService.exe:*:Enabled:webcamXP Service -- (Moonware Studios)
"C:\Programme\Webcam Zone Trigger 2\ZoneTrigger.exe" = C:\Programme\Webcam Zone Trigger 2\ZoneTrigger.exe:*:Enabled:Zone Trigger -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0004D4C8-7F6C-BA20-32B2-5C861FA340CB}" = Catalyst Control Center Graphics Full Existing
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02D7C83F-FCCB-4EEC-9E4B-C6FF8AADC015}" = Power4 Gear
"{03F4BC14-1267-4637-B164-C80381D9EE9D}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10053F59-0765-163D-F759-155E6DA35AB6}" = CCC Help English
"{101E4225-8983-7850-3E8C-00C5E0A13B40}" = ccc-core-static
"{1116FD69-3C49-BE9A-C206-E8BA26CCA10F}" = CCC Help English
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{16FE2579-06B2-3E32-58F2-4B70B69A3070}" = ccc-core-preinstall
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1EB21F28-E3AF-A317-4658-6C0C455C2F61}" = Catalyst Control Center Core Implementation
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{34BC45FF-669B-95CF-5F1D-52312A2699F4}" = Catalyst Control Center Core Implementation
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3CDFEE23-66D2-4DB0-8269-12634E871725}" = Mindjet MindManager Pro 7
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{3F555374-449A-0734-73EA-5FF6207FA30F}" = Skins
"{46D9C523-FABB-FFF1-321D-F493A68E2C3E}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5141D667-6FE0-DFD6-FDC8-C981DC06520C}" = Catalyst Control Center Graphics Full New
"{51C9B6D6-BF0F-3BA5-1EA4-17C6190DBE07}" = ccc-core-preinstall
"{57D32909-FCA8-A78B-2AD2-2A50F5E11858}" = ccc-core-static
"{57EA735B-4F1D-9FC5-6A36-B0C0F1D704FE}" = Catalyst Control Center Graphics Light
"{58514A8B-C701-FE26-375C-EE036A06EC3D}" = CCC Help English
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{67EC0AB2-8CF7-4415-9F70-7FBC593C0D5E}" = ScanSoft PDF Create! 4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80B70B4B-C90C-4938-A956-76F5021DE412}" = Cisco DART
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{8448D435-7543-411F-A0CC-7AA40D815E8F}" = Express Gate
"{86F4F32B-77C7-4951-B33C-05D41A8190C1}" = Microsoft RichCopy 4.0
"{86F68693-A637-1F4D-5D4F-4D58486A4601}" = ccc-utility
"{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1
"{89AF1545-57A0-FA69-455F-BA8683C4AE7C}" = Catalyst Control Center Graphics Full Existing
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C92FB469-D5B7-48C6-B171-785E1126F099}" =
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92083A9A-549D-4057-88E8-223EA08563FA}" = Cisco AnyConnect VPN Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A799F828-A53D-5DFB-5BAB-4A5633A4BBEF}" = ccc-core-static
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_931" = Adobe Acrobat 9.3.1 - CPSID_50570
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AE888E0F-6727-0045-A966-CFB975AC15BA}" = Catalyst Control Center Graphics Previews Common
"{B01ED126-67BD-4878-863C-FE1207CF0949}" = Mindjet MindManager 8
"{B3AF9C30-AB7C-835D-A41A-91C7165F5AE3}" = Catalyst Control Center Graphics Light
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB1B3E46-A646-8703-EAD8-6906640D7C56}" = ccc-core-preinstall
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C49067A8-8212-4A82-A4D9-1519701644F0}" = Citrix Presentation Server Client - Nur Web
"{C6EEA8DC-110D-112F-4B31-024B8CEA53AF}" = Catalyst Control Center Graphics Full New
"{C7DEE429-4C9B-4126-894F-50B4F54FF196}" = inSSIDer
"{C952BD03-9AC6-F898-B17F-9352638EC93C}" = Catalyst Control Center Core Implementation
"{CADF1911-C4FB-8651-36E0-FF06DAA75F28}" = Catalyst Control Center Graphics Light
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{DE31F8AA-B12D-3A38-E561-C657EED45465}" = Catalyst Control Center Graphics Full Existing
"{DF74C7BA-5C9F-4F17-8B6F-5ECE08280F34}" = ScanSoft OmniPage 16
"{E09D99BD-B17E-C6FE-F4D2-B4A85BCF49C6}" = Skins
"{E239F8B2-AE00-467D-9F05-47C8E1FAAFA7}" = WD Align - Powered by Acronis
"{E2657EF7-74B0-79EA-252C-C4263F0E8B65}" = ccc-utility
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6EB53D4-5AD0-07F0-2DAC-0A2D624DF39D}" = ccc-utility
"{E74CC47C-28D3-25E1-14D2-68EBC87C31BA}" = Skins
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F251B61F-9D18-13C4-02EE-71A36343D442}" = Catalyst Control Center Graphics Full New
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"8461-7759-5462-8226" = Vuze
"Active WebCam" = Active WebCam
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 7.0.3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"D218FEA96DC3C16D9185D0BB35988DE2A7A406D8" = Windows Driver Package - Broadcom Bluetooth (03/25/2008 6.0.6001.18000)
"Davory" = Davory
"dBpowerAMP AAC Codec" = dBpowerAMP AAC Codec
"dBpowerAMP DirectShow Decoder Codec" = dBpowerAMP DirectShow Decoder Codec
"dBpowerAMP FLAC Codec" = dBpowerAMP FLAC Codec
"dBpowerAMP Monkeys Audio Codec" = dBpowerAMP Monkeys Audio Codec
"dBpowerAMP Mp3 (MPEG Suite 2000 CLI)" = dBpowerAMP Mp3 (MPEG Suite 2000 CLI)
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpowerAMP Ogg Vorbis Codec" = dBpowerAMP Ogg Vorbis Codec
"dBpowerAMP Shorten Codec" = dBpowerAMP Shorten Codec
"dBpowerAMP Wavpack Codec" = dBpowerAMP Wavpack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"dBpowerAMP Windows Media Audio 9 Codec" = dBpowerAMP Windows Media Audio 9 Codec
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"dMC Power Pack" = dMC Power Pack
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.4.1
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Eraser" = Eraser
"Everything" = Everything 1.2.1.371
"ffdshow_is1" = ffdshow [rev 1324] [2007-07-01]
"FLV Player" = FLV Player 2.0, build 24
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.6
"Gold Wave Editor_is1" = Gold Wave Editor v9.1
"GraphCalc v4.0.1_is1" = GraphCalc v4.0.1
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"IsoBuster_is1" = IsoBuster 2.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.7.8
"MobilityDotNET" = DH Mobility Modder.NET
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NMPUninstallKey" = Nero Media Player
"PDF-XChange 3_is1" = PDF-XChange 3.0
"PhotoFiltre Studio" = PhotoFiltre Studio
"POIbase_is1" = POIbase 1.004
"PowerISO" = PowerISO
"QcDrv" = Logitech® Camera-Treiber
"QuicktimeAlt_is1" = QuickTime Alternative 2.6.0
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RealPlayer 6.0" = RealPlayer
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.12
"TrueCrypt" = TrueCrypt
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 1.0.5
"Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Webcam Surveyor_is1" = Webcam Surveyor 1.8.0
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHex" = WinHex
"WinPcapInst" = WinPcap 4.0
"WinRAR archiver" = WinRAR archiver
"WM Recorder 12.0" = WM Recorder 12.0
"WM Recorder 12.3" = WM Recorder 12.3
"WMFDist11" = Windows Media Format 11 runtime
"XnView_is1" = XnView 1.94.2
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"X-Ways Security" = X-Ways Security
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2e9583a60ce0668c" = RoboGUI
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15.06.2010 04:35:28 | Computer Name = HUMPAA | Source = AdeonaClientService | ID = 0
Description =
Error - 15.06.2010 18:11:24 | Computer Name = HUMPAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x055d5c54.
Error - 16.06.2010 03:21:34 | Computer Name = HUMPAA | Source = AdeonaClientService | ID = 0
Description =
Error - 16.06.2010 10:35:30 | Computer Name = HUMPAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul wmvcore.dll, Version 11.0.5705.5043, Fehleradresse 0x000fd9bd.
Error - 16.06.2010 10:40:39 | Computer Name = HUMPAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul wmvcore.dll, Version 11.0.5705.5043, Fehleradresse 0x000fd9bd.
Error - 16.06.2010 10:57:14 | Computer Name = HUMPAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul wmvcore.dll, Version 11.0.5705.5043, Fehleradresse 0x000fd9bd.
Error - 17.06.2010 02:48:01 | Computer Name = HUMPAA | Source = AdeonaClientService | ID = 0
Description =
Error - 17.06.2010 03:15:52 | Computer Name = HUMPAA | Source = AdeonaClientService | ID = 0
Description =
Error - 17.06.2010 08:24:23 | Computer Name = HUMPAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrobat.exe, Version 9.3.0.148, fehlgeschlagenes
Modul acrobat.dll, Version 9.3.0.148, Fehleradresse 0x000932ed.
Error - 17.06.2010 10:01:24 | Computer Name = HUMPAA | Source = AdeonaClientService | ID = 0
Description =
[ ASUS Security Protect Manager Events ]
Error - 31.12.2008 17:59:58 | Computer Name = HUMPAA | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: X@HUMPAA Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 30.06.2009 12:25:09 | Computer Name = HUMPAA | Source = AuthWiz | ID = 100861620
Description = The submitted credentials were not successfully registered. Benutzer:
X@HUMPAA Anmeldeinformationen: Kennwort Fehler: (0x8007052B) Das Kennwort
kann nicht aktualisiert werden. Der Wert, der für das aktuelle Kennwort angegeben
wurde, ist falsch.
Error - 18.08.2009 05:49:54 | Computer Name = HUMPAA | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: X@HUMPAA Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
[ Cisco AnyConnect VPN Client Events ]
Error - 20.12.2010 18:23:44 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 21.12.2010 05:38:39 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 21.12.2010 18:41:56 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 21.12.2010 18:48:36 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: service_main_NT File: .\Agent.cpp Line: 674 Invoked Function:
WaitForSingleObject Return Code: 6 (0x00000006) Description: Das Handle ist ungültig.
Error - 22.12.2010 07:20:46 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 22.12.2010 10:55:22 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 22.12.2010 18:08:44 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 23.12.2010 05:52:26 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 23.12.2010 18:08:49 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
Error - 24.12.2010 11:13:38 | Computer Name = HUMPAA | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Fehler bei der Überprüfung.
[ OSession Events ]
Error - 13.06.2009 13:33:40 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2053
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18.06.2009 04:41:01 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.09.2009 08:36:12 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 11.03.2010 07:27:29 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18.03.2010 17:01:38 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.04.2010 03:48:54 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.04.2010 03:48:54 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.04.2010 16:27:59 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12.05.2010 09:17:43 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 1742 seconds with 600 seconds of active time. This session ended with a
crash.
Error - 19.05.2010 10:53:58 | Computer Name = HUMPAA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 330 seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 23.12.2010 03:24:54 | Computer Name = HUMPAA | Source = VolSnap | ID = 393238
Description = Das angegebene Vergleichsbereichsvolume für Schattenkopien auf Volume
"C:" konnte nicht hinzugefügt werden.
Error - 23.12.2010 03:29:40 | Computer Name = HUMPAA | Source = VolSnap | ID = 393238
Description = Das angegebene Vergleichsbereichsvolume für Schattenkopien auf Volume
"C:" konnte nicht hinzugefügt werden.
Error - 24.12.2010 11:21:29 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:21:36 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:24:13 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:24:18 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:27:39 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:27:53 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:31:07 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
Error - 24.12.2010 11:31:11 | Computer Name = HUMPAA | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Ricoh SD Disk Device nicht laden.
< End of report >
--- --- --- |
