Hallo kira,
alle Programme die du aufgelistet hast, auch eMule und DVDVideoSoftTB Toolbar sind deinstalliert. Adobe Reader 9.4.6 ist konfiguriert, Updates sind keine verfügbar. Adobe Reader X(10.11) ist im Netz, aber ich habe es nicht heruntergeladen. SUPERAntiSyware FREE Edition geladen und nach dem Scan wieder deinstalliert. iPhone an den Rechner angeschlossen (eine externe Festplatte oder einen USB Stick habe ich im Moment nicht) und einen Komplett-Systemcheck mit Eset Online Scanner durchgeführt. Danach Eset Online Scanner V3 entfernt und den Ordner Eset manuell gelöscht. Danach System bereinigt (cleanmgr) (was ist HJT ?) (mit HJT folgenden Eintrag fixen: habe ich nicht gemacht).
Zum Schluss noch mit OTL einen Scan gemacht und danach die komplette Liste gepostet. Ich hoffe das passt soweit alles.
Gruß ArMin.K Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 11/25/2011 at 04:18 PM
Application Version : 5.0.1136
Core Rules Database Version : 7986
Trace Rules Database Version: 5798
Scan type : Complete Scan
Total Scan Time : 03:11:28
Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Memory items scanned : 627
Memory threats detected : 0
Registry items scanned : 39726
Registry threats detected : 22
File items scanned : 53091
File threats detected : 9
Security.HiJack[ImageFileExecutionOptions]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BACKITUP.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BACKITUP.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COMPONENTLAUNCHER.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COMPONENTLAUNCHER.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COVERDES.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COVERDES.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EMUUSBAUDIOCP.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EMUUSBAUDIOCP.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NERO.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NERO.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROVISION.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROVISION.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PGADMIN3.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PGADMIN3.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PG_CTL.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PG_CTL.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSHOP ALBUM STARTER EDITION.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSHOP ALBUM STARTER EDITION.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAPVIEWER.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAPVIEWER.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIMAIN.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIMAIN.EXE#Debugger
Adware.Tracking Cookie
C:\Dokumente und Einstellungen\Armin\Cookies\PG7GRXLA.txt [ /microsoftinternetexplorer.112.2o7.net ]
C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\Cookies\TXEZO5JY.txt [ Cookie:armin@clkads.com/adServe/ ]
.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
secure.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
secure.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
secure.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
secure.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
earlyexperience.partyaccount.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ARMIN\ANWENDUNGSDATEN\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B8CDCA7F-D75A-41CB-A024-E55E1EBCEE28}\RP530\A0320630.EXE Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17103 (vista_gdr.110816-1000)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8d65875598164641817491c2553678e6
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-26 02:41:46
# local_time=2011-11-26 03:41:46 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=crash
# scanned=117568
# found=2
# cleaned=2
# scan_time=21834
C:\Dokumente und Einstellungen\Armin\Eigene Dateien\Tobi+Gesine\registrybooster.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Dokumente und Einstellungen\Armin\Eigene Dateien\Tobi+Gesine\SoftonicDownloader_fuer_vuze.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C Code:
OTL logfile created on: 26.11.2011 08:35:15 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Armin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 74,38% Memory free
3,85 Gb Paging File | 3,33 Gb Available in Paging File | 86,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 18,18 Gb Free Space | 24,39% Space Free | Partition Type: NTFS
Drive D: | 299,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 74,52 Gb Total Space | 46,91 Gb Free Space | 62,95% Space Free | Partition Type: NTFS
Computer Name: KRAGL-5F606B60D | User Name: Armin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.11.23 12:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Armin\Desktop\OTL.exe
PRC - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.09.16 15:51:28 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.09.16 15:48:46 | 001,526,080 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.04.14 15:07:58 | 000,156,992 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\TPSrv.exe
PRC - [2011.04.13 16:06:56 | 001,000,768 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\ApVxdWin.exe
PRC - [2010.10.20 14:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\PavFnSvr.exe
PRC - [2010.08.16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\psksvc.exe
PRC - [2010.06.04 09:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\pavsrvx86.exe
PRC - [2010.05.28 12:42:32 | 000,225,600 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\AVENGINE.EXE
PRC - [2010.04.22 17:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\WebProxy.exe
PRC - [2010.02.23 11:09:34 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\PavBckPT.exe
PRC - [2009.11.26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Programme\Panda Security\Panda Global Protection 2012\FIREWALL\PSHost.exe
PRC - [2009.08.10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\PsCtrlS.exe
PRC - [2009.03.05 02:18:48 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2008.06.27 12:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\SrvLoad.exe
PRC - [2008.06.19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Programme\Panda Security\Panda Global Protection 2012\PsImSvc.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.26 14:10:08 | 000,020,992 | ---- | M] (E-MU Systems) -- C:\WINDOWS\system32\emaudsv.exe
PRC - [2007.08.23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2006.10.04 20:36:26 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
========== Modules (No Company Name) ==========
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.02.14 12:55:12 | 000,165,424 | ---- | M] () -- C:\Programme\Panda Security\Panda Global Protection 2012\MiniCrypto.dll
MOD - [2007.02.14 12:55:12 | 000,099,888 | ---- | M] () -- C:\Programme\Panda Security\Panda Global Protection 2012\APIcr.dll
MOD - [2004.05.19 10:33:12 | 000,507,904 | ---- | M] () -- C:\Programme\Panda Security\Panda Global Protection 2012\LIBXML2.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (Pertfraugch)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.09.16 15:48:46 | 001,526,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.09.16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.04.14 15:07:58 | 000,156,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\TPSrv.exe -- (TPSrv)
SRV - [2010.10.20 14:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010.08.16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\PskSvc.exe -- (PskSvcRetail)
SRV - [2010.06.04 09:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\pavsrvx86.exe -- (PAVSRV)
SRV - [2009.11.26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\programme\panda security\panda global protection 2012\firewall\PSHOST.EXE -- (PSHost)
SRV - [2009.08.10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009.08.07 11:43:04 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.03.05 02:18:48 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2008.10.21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2008.09.19 02:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Disabled | Stopped] -- C:\Programme\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2008.06.19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Programme\Panda Security\Panda Global Protection 2012\PsImSvc.exe -- (PSIMSVC)
SRV - [2008.01.22 09:13:26 | 000,275,752 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.11.26 14:10:08 | 000,020,992 | ---- | M] (E-MU Systems) [Auto | Running] -- C:\WINDOWS\system32\emaudsv.exe -- (emaudsv)
SRV - [2007.11.26 13:54:12 | 001,554,728 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007.08.23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007.02.08 15:13:46 | 000,212,480 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.10.04 20:36:26 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2005.02.24 15:30:50 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Unknown | Running] -- -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys)
DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt)
DRV - [2011.11.25 18:44:25 | 000,013,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr)
DRV - [2011.01.31 15:41:28 | 000,083,528 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT)
DRV - [2010.11.29 19:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.09.09 15:23:00 | 000,193,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT)
DRV - [2010.09.01 10:09:14 | 000,201,032 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\neti1644.sys -- (NETIMFLT01060044)
DRV - [2010.06.22 17:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\pavboot.sys -- (pavboot)
DRV - [2010.05.21 12:50:26 | 000,059,080 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\amm8651.sys -- (AmFSM)
DRV - [2010.03.02 12:10:10 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.02 12:10:09 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.09.25 13:54:08 | 000,046,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT)
DRV - [2009.09.25 13:54:06 | 000,159,112 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI)
DRV - [2009.09.25 13:54:04 | 000,022,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON)
DRV - [2009.09.25 13:54:02 | 000,053,256 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT)
DRV - [2009.03.05 02:18:47 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2008.12.17 20:51:45 | 000,022,304 | ---- | M] (Doug Fetter Software Wizardry) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbkt1x1.sys -- (USBKT1X1)
DRV - [2008.12.17 20:51:45 | 000,013,504 | ---- | M] (MIDIMAN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uks11ldr.sys -- (UKS11LDR)
DRV - [2008.04.13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.01.24 15:09:34 | 000,048,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2008.01.24 15:09:24 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2008.01.24 15:09:04 | 000,028,168 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2008.01.24 15:08:54 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2007.11.26 14:14:54 | 000,163,352 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emusba10.sys -- (emusba10)
DRV - [2007.11.26 13:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007.11.26 13:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007.11.26 13:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007.09.18 17:02:44 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumpdrv.sys -- (DumpDrv)
DRV - [2007.09.18 17:02:40 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2007.09.06 02:31:30 | 004,611,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.02.22 09:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 09:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 09:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 09:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.11.22 07:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.10.04 08:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2005.05.09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2001.04.09 14:03:56 | 000,017,784 | ---- | M] (Syncrosoft Hard- und Software GmbH) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\NSynas32.sys -- (Nsynas32)
DRV - [1999.01.15 07:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050/
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45A2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/410"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\\Components: C:\PROGRA~1\Mozilla Firefox\components [2011.11.03 11:12:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.17\extensions\\Plugins: C:\PROGRA~1\Mozilla Firefox\plugins [2011.11.03 11:12:56 | 000,000,000 | ---D | M]
[2011.11.25 12:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions
[2009.02.20 16:34:10 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.10.30 09:55:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.23 11:12:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.03.22 19:20:06 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2008.04.18 21:32:36 | 000,000,000 | ---D | M] (Wortliste von hxxp://tkltrans.sf.net (alte und neue deutsche Rechtschreibung)) -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\extensions\de-DE-comb@dictionaries.addons.mozilla.org
[2011.11.22 14:19:33 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Mozilla\Firefox\Profiles\5s5hodkx.default\searchplugins\Search_Results.xml
[2011.11.25 11:40:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.24 20:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2010.06.07 11:28:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.18 04:56:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.10.02 13:02:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.03 19:55:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2008.09.04 14:15:02 | 000,000,000 | ---D | M] (Talkback) -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org
[2008.11.08 04:08:27 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2008.11.08 04:08:27 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2008.11.08 04:08:27 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2008.11.08 04:08:27 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2008.11.08 04:08:27 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2008.09.04 14:15:01 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\crawlersrch.xml
[2008.09.04 14:15:01 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.22 14:19:33 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
[2008.09.04 14:15:01 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2008.09.04 14:15:01 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\PROGRA~1\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: getPlusPlus for Adobe 16241 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [APVXDWIN] C:\Programme\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SCANINICIO] C:\Programme\Panda Security\Panda Global Protection 2012\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [sclauncher] C:\Programme\SimpleCenter\bin\win\sclauncher.exe (Universal Electronics Inc.)
O4 - HKCU..\Run: [E-MU USB Audio Control Panel] C:\Programme\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon.exe File not found
O9 - Extra 'Tools' menuitem : PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon.exe File not found
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51E3B382-B40C-4C1E-98A9-A6B65311DE7D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.18 17:01:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.05.15 18:03:54 | 000,000,065 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3f92a136-825e-11dd-81fa-00508dbb41a0}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{ca78eb4f-0d6e-11dd-83c8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ca78eb4f-0d6e-11dd-83c8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca78eb4f-0d6e-11dd-83c8-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL rechtschreibtrainer.msi
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.11.25 21:33:00 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.11.25 20:09:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\.duden
[2011.11.25 18:56:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Duden
[2011.11.25 18:55:15 | 000,000,000 | ---D | C] -- C:\Programme\Duden
[2011.11.25 12:57:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2011.11.24 13:31:50 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Armin\Recent
[2011.11.24 12:24:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2011.11.24 12:24:15 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.11.24 09:18:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Malwarebytes
[2011.11.24 09:17:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.11.24 09:17:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.11.24 09:17:37 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.11.24 09:17:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.11.23 21:13:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Opera
[2011.11.23 21:13:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Opera
[2011.11.23 21:12:52 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2011.11.23 18:57:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2011.11.23 18:57:07 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.11.23 18:36:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\7-Zip
[2011.11.23 12:43:51 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Armin\Desktop\OTL.exe
[2011.11.23 11:13:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\AppData
[2011.11.23 11:13:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\searchquband
[2011.11.23 09:27:09 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.22 19:36:31 | 000,606,568 | ---- | C] (Google Inc.) -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\ChromeSetup.exe
[2011.11.22 14:19:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.11.22 14:18:58 | 000,000,000 | ---D | C] -- C:\Programme\Free mp3 Wma Converter
[2011.11.18 19:21:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011.11.18 19:19:51 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.11.03 19:55:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.11.03 19:55:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.11.03 19:55:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.11.02 11:44:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\WMTools Downloaded Files
[2011.11.02 09:32:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\Video Converter
[2011.11.02 09:32:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\Video Converter
[2011.11.02 09:31:37 | 000,000,000 | ---D | C] -- C:\Programme\Haali
[2011.11.02 09:26:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoConverter
[2011.10.30 09:56:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\DVDVideoSoft
[2011.10.30 09:55:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.10.29 16:50:57 | 000,282,624 | ---- | C] (Stirling Technologies, Inc.) -- C:\WINDOWS\uninst.exe
[2011.10.29 15:46:13 | 000,000,000 | ---D | C] -- C:\DUKE3D
[2004.11.24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.11.26 08:05:01 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1757981266-1801674531-1004UA.job
[2011.11.26 08:05:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.26 08:05:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.25 21:34:31 | 000,304,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2011.11.25 21:34:31 | 000,304,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2011.11.25 20:28:47 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Microsoft Word.lnk
[2011.11.25 18:47:12 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk
[2011.11.25 18:44:33 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2011.11.25 18:44:33 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2011.11.25 18:44:33 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck
[2011.11.25 18:44:33 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg
[2011.11.25 18:44:33 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck
[2011.11.25 18:44:33 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt
[2011.11.25 18:44:33 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck
[2011.11.25 18:44:33 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg
[2011.11.25 18:44:33 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck
[2011.11.25 18:44:33 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg
[2011.11.25 18:44:33 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck
[2011.11.25 18:44:33 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg
[2011.11.25 18:44:32 | 000,303,044 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck
[2011.11.25 18:44:32 | 000,303,044 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls
[2011.11.25 18:44:25 | 000,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2011.11.25 18:42:51 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.25 18:42:23 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck
[2011.11.25 18:42:23 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg
[2011.11.25 18:42:23 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck
[2011.11.25 18:42:23 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt
[2011.11.25 18:40:54 | 000,170,865 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.11.25 18:40:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.25 16:43:21 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2011.11.25 12:32:47 | 000,007,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\cc_20111125_123152.reg
[2011.11.25 12:13:08 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2011.11.25 10:05:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1757981266-1801674531-1004Core.job
[2011.11.24 13:36:49 | 000,135,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\cc_20111124_133530.reg
[2011.11.24 12:24:18 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.11.24 09:17:48 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.23 21:13:05 | 000,001,456 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2011.11.23 13:07:04 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\vjlf3u2v.exe
[2011.11.23 12:41:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Armin\Desktop\OTL.exe
[2011.11.23 12:34:42 | 000,001,070 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit Defogger.lnk
[2011.11.23 12:26:41 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\defogger_reenable
[2011.11.23 09:27:09 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.23 00:02:11 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\Grundlegende Bereinigung.job
[2011.11.22 19:44:34 | 000,002,364 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Google Chrome.lnk
[2011.11.22 19:36:40 | 000,606,568 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\ChromeSetup.exe
[2011.11.22 14:38:15 | 000,163,840 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.22 14:27:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.11.22 08:54:48 | 000,441,112 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.22 08:54:47 | 000,458,904 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.11.22 08:54:47 | 000,084,940 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.11.22 08:54:47 | 000,071,430 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.22 01:06:45 | 000,000,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\default.pls
[2011.11.21 18:31:27 | 000,000,734 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit Vuze Downloads.lnk
[2011.11.19 13:05:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.11.18 19:21:07 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.11.18 15:46:02 | 000,030,256 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.11.03 10:48:53 | 000,161,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.11.03 10:37:54 | 000,000,211 | ---- | M] () -- C:\WINDOWS\uno.ini
[2011.11.02 11:58:28 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Windows Movie Maker.lnk
[2011.11.02 11:57:32 | 000,000,461 | ---- | M] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit DVDVideoSoft.lnk
[2011.10.29 15:46:32 | 000,000,024 | ---- | M] () -- C:\DUKE3D.BAT
[2011.10.29 14:41:22 | 000,000,618 | ---- | M] () -- C:\WINDOWS\eReg.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.25 12:32:40 | 000,007,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\cc_20111125_123152.reg
[2011.11.24 13:35:42 | 000,135,950 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Eigene Dateien\cc_20111124_133530.reg
[2011.11.24 12:24:18 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.11.24 09:17:48 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.23 21:13:05 | 000,001,462 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Opera.lnk
[2011.11.23 21:13:05 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2011.11.23 13:09:41 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Desktop\vjlf3u2v.exe
[2011.11.23 12:34:42 | 000,001,070 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit Defogger.lnk
[2011.11.23 12:26:41 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\defogger_reenable
[2011.11.23 00:02:11 | 000,000,480 | ---- | C] () -- C:\WINDOWS\tasks\Grundlegende Bereinigung.job
[2011.11.21 18:31:27 | 000,000,734 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit Vuze Downloads.lnk
[2011.11.18 19:21:07 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.11.02 11:58:28 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Windows Movie Maker.lnk
[2011.11.02 11:57:32 | 000,000,461 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Desktop\Verknüpfung mit DVDVideoSoft.lnk
[2011.10.29 15:46:32 | 000,000,024 | ---- | C] () -- C:\DUKE3D.BAT
[2011.10.29 14:41:22 | 000,000,618 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011.10.24 12:39:21 | 000,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2011.10.24 12:31:14 | 000,000,254 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat
[2011.10.24 12:31:06 | 000,304,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2011.10.24 12:31:06 | 000,304,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2011.07.19 13:41:31 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2011.07.08 20:37:16 | 000,002,319 | R--- | C] () -- C:\WINDOWS\System32\emaud.ini
[2011.07.08 20:37:16 | 000,000,035 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010.11.26 12:13:05 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.08.19 17:42:06 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.07.01 21:35:46 | 000,520,880 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.06.14 12:25:30 | 000,000,468 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.06.14 12:25:30 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010.06.14 12:25:30 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.03.02 12:10:10 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.03.02 12:10:09 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.02.26 19:14:36 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.01.29 12:35:17 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.01.29 12:35:17 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\PnkBstrK.sys
[2010.01.29 12:35:01 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.01.29 12:34:55 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.12.14 19:23:46 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2009.12.14 19:23:45 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2009.12.02 06:27:59 | 000,030,256 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.09.27 15:12:22 | 001,604,482 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.09.15 20:28:59 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.09.15 20:27:20 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.09.12 10:27:56 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.07.26 16:13:01 | 000,005,086 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ojvzdisj.xda
[2009.07.25 23:27:44 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2009.03.15 11:44:48 | 000,288,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\mwmyyoo_nav.dat
[2009.03.15 11:44:48 | 000,003,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\mwmyyoo.dat
[2009.03.15 11:44:48 | 000,001,304 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\mwmyyoo_navps.dat
[2009.03.05 02:06:48 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2009.03.05 02:06:48 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2009.03.05 02:04:05 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe
[2009.02.17 00:30:34 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2009.02.17 00:30:34 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2009.02.15 17:21:32 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2009.01.24 04:27:59 | 000,163,840 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.02 15:51:38 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Armin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.09.02 15:49:04 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2008.09.02 15:48:56 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2008.09.02 15:48:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2008.09.02 15:48:56 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2008.07.17 19:40:00 | 000,000,623 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.07.12 15:00:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.04.19 14:38:54 | 000,008,192 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008.04.18 21:31:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.04.18 18:16:55 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.04.18 17:52:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.04.18 17:47:47 | 000,161,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.04.18 17:08:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.04.18 17:03:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.04.18 16:58:12 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.03.24 18:52:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.03.24 18:52:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008.03.24 18:52:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.03.24 18:52:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008.03.24 18:52:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.03.24 18:52:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.03.24 18:52:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008.03.24 18:52:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008.03.24 18:52:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.12.24 11:47:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.12.24 11:40:26 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007.12.22 20:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007.12.22 19:27:22 | 003,104,256 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007.12.03 14:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007.12.01 11:43:30 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007.11.26 14:10:10 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\emcoinst.dll
[2007.09.18 17:02:52 | 001,800,192 | ---- | C] () -- C:\WINDOWS\System32\hmtcdres.dll
[2007.09.18 17:02:49 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\hmtcd.dll
[2007.03.23 02:03:14 | 000,001,049 | ---- | C] () -- C:\WINDOWS\emasio.dat
[2007.03.12 21:31:28 | 001,732,608 | ---- | C] () -- C:\WINDOWS\System32\BCGPStyle2007Luna.dll
[2006.11.02 16:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006.07.22 10:12:06 | 000,656,495 | ---- | C] () -- C:\WINDOWS\System32\royale.exe
[2006.06.10 06:17:56 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\drivers\emusba10.dat
[2006.02.28 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.02.28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.02.28 13:00:00 | 000,458,904 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.02.28 13:00:00 | 000,441,112 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.02.28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.02.28 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.02.28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.02.28 13:00:00 | 000,084,940 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.02.28 13:00:00 | 000,071,430 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.02.28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.02.28 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.02.28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.02.28 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.02.28 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.02.28 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.02.28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.12.07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.02.05 21:46:00 | 000,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
[2004.10.03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
========== LOP Check ==========
[2009.03.06 00:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ableton
[2008.09.05 14:48:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Backup
[2011.11.23 09:21:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2009.12.09 20:54:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ChessBase
[2008.10.31 17:20:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GKit
[2008.10.17 17:23:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2009.09.28 18:28:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.08.02 18:29:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2008.07.12 13:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.10.24 12:27:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security
[2010.12.17 23:33:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Software
[2008.07.12 13:30:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.04.07 03:47:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ping Sign Byte Tool
[2010.11.03 19:51:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2009.12.01 17:31:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PRMT
[2008.12.17 20:24:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Propellerhead Software
[2008.04.18 21:20:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sentinel
[2008.09.02 15:48:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2009.07.26 16:43:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.01.19 01:08:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011.11.02 09:26:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoConverter
[2011.11.25 14:47:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YouTube Downloader
[2011.01.19 01:02:55 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.04.07 16:03:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.11 06:55:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011.08.04 14:42:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~0
[2009.03.06 00:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Ableton
[2010.05.24 20:33:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Academic Software Zurich
[2011.11.24 13:32:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Azureus
[2009.03.26 21:03:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Cakewalk
[2009.12.09 20:48:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\ChessBase
[2010.04.08 03:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\compchinteam
[2009.12.14 19:47:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\concept design
[2011.10.30 09:56:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\DVDVideoSoft
[2011.10.30 09:55:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.07.10 14:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\FreeAudioPack
[2011.09.23 10:44:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\FreeCDRipper
[2010.12.06 23:50:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\FreeTorentPlayer
[2011.07.09 17:12:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\GetRightToGo
[2009.02.16 00:09:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\GlarySoft
[2009.07.09 17:29:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Laconic Software
[2008.11.06 19:29:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Leadertech
[2009.12.05 08:05:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\MSNInstaller
[2009.02.03 07:07:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Nokia
[2009.08.29 18:28:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Nokia Multimedia Player
[2008.07.12 13:33:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\NSeries
[2011.11.23 21:13:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Opera
[2011.10.24 12:27:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Panda Security
[2008.07.12 13:23:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\PC Suite
[2011.11.25 11:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\PriceGong
[2008.12.17 20:32:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Propellerhead Software
[2011.11.23 11:13:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\searchquband
[2009.08.19 14:20:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Steganos
[2009.03.05 02:21:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Steinberg
[2008.09.02 15:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\T-Online
[2009.09.09 06:05:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Tipp4u
[2011.09.14 21:12:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\TuneUp Software
[2009.11.14 05:04:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\UltimateBet
[2011.01.10 14:29:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Uniblue
[2010.10.29 12:21:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\Valuga Software
[2011.10.05 09:51:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Armin\Anwendungsdaten\WordToPDF
[2011.11.23 00:02:11 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\Grundlegende Bereinigung.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 124 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C05A8628
< End of report > Code:
OTL Extras logfile created on: 26.11.2011 08:35:15 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Armin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 74,38% Memory free
3,85 Gb Paging File | 3,33 Gb Available in Paging File | 86,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 18,18 Gb Free Space | 24,39% Space Free | Partition Type: NTFS
Drive D: | 299,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 74,52 Gb Total Space | 46,91 Gb Free Space | 62,95% Space Free | Partition Type: NTFS
Computer Name: KRAGL-5F606B60D | User Name: Armin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = SafariHTML] -- C:\Programme\Safari\Safari.exe (Apple Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
.jse [@ = JSEFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe [@ = VBEFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs [@ = VBSFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf [@ = WSFFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh [@ = WSHFile] -- C:\Programme\Panda Security\Panda Global Protection 2012\PAVSCRIP.EXE (Panda Security, S.L.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Programme\Safari\Safari.exe (Apple Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
http [open] -- "C:\Programme\Safari\Safari.exe" -url "%1" (Apple Inc.)
https [open] -- "C:\Programme\Safari\Safari.exe" -url "%1" (Apple Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"56874:TCP" = 56874:TCP:*:Enabled:Pando Media Booster
"56874:UDP" = 56874:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"4661:TCP" = 4661:TCP:*:Disabled:"eMule_TCP"
"56874:TCP" = 56874:TCP:*:Enabled:Pando Media Booster
"56874:UDP" = 56874:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\concept design\onlineTV 5\onlineTV.exe" = C:\Programme\concept design\onlineTV 5\onlineTV.exe:*:Enabled:onlineTV
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Installation\Setupx.exe" = D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\SimpleCenter\Home Media Server.exe" = C:\Programme\SimpleCenter\Home Media Server.exe:*:Enabled:Home Media Server -- (Universal Electronics, Inc.)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\DVD-START.EXE" = D:\DVD-START.EXE:*:Enabled:Schnellstart-DVD
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216EAAD9-D733-4141-BEAF-2C0B6F6B1D04}" = AmpliTube LE
"{22FB6750-ADDF-4726-B67F-6901E1991031}" = Nero 7 Essentials
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3186AEAE-E104-424D-9152-1BF6A4404758}" = Nokia Software Updater
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{509EF82D-16E8-11D4-B85B-00C04F8EDF25}" = Solid Edge V9
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution
"{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}" = Logitech Gaming Software 5.02
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68EC89D9-B4F2-43F3-907A-5DC56D3A4B12}" = PROMT Translation Agent
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A25967-DB85-4B48-A8A7-D25AC191DEE4}" = Panda Global Protection 2012
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90D1201F-2B53-45A5-B940-B7DE21B995FC}" = Duden Rechtschreibtrainer
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96E94E18-54D6-42C1-8FC4-24DACEDC3395}" = Nokia NSeries System Utilities
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A17B0B6-AD89-4321-99E6-09D9ABFA254D}" = MelodyneEssential 1.5
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2EB0A0-57B2-4484-BE08-0E5F1CE219A2}" = Panda Global Protection 2012
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8C856AD-63CD-4613-AA29-E6C85607EA06}" = Nokia Software Launcher
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1D3568D-BC21-4C50-92A5-2396570DF1DE}_is1" = Panda Secure Vault 5
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"{FF35F637-72B9-43BE-A281-06EB2854393A}" = 3DMark03
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.50" = AFPL Ghostscript 8.50
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AquaMark3" = AquaMark3
"asmart10_is1" = Adenix S.M.A.R.T. Explorer 1.0
"Burn4Free CD & DVD_is1" = Burn4Free CD & DVD 5.4.0.0
"Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
"CCleaner" = CCleaner
"CdaC13Ba" = SafeCast Shared Components
"ColdZero" = ColdZero
"Collab" = Collab
"DivX Setup.divx.com" = DivX-Setup
"DreamStation DXi2" = DreamStation DXi2
"ESET Online Scanner" = ESET Online Scanner v3
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Free Fire Screensaver" = Free Fire Screensaver
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"Freelancer 1.0" = Freelancer
"Gothic II" = Gothic II
"Home Media Server 4.2.0.32" = Home Media Server 4.2.0.32
"JkDefragGUI 1.16" = JkDefragGUI 1.16
"KeyStation1x1" = USB Keyboard Device 1.0.1.0
"KRISTAL Audio Engine" = KRISTAL Audio Engine
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.17)" = Mozilla Firefox (2.0.0.17)
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.52.1100" = Opera 11.52
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PRE-XP-SP3" = Sereby's Updatepack Version 1.7.9.1
"Rainbow Sentinel Driver" = Sentinel System Driver
"Reason_is1" = Reason 3.0.4
"Sierra Utilities" = Sierra Utilities
"SONAR LE" = SONAR LE
"Steinberg Cubase LE" = Steinberg Cubase LE
"SynapseOrion_is1" = Orion Platinum v5.5 Demo
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.1
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WordToPDF_is1" = WordToPDF 2.4
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Cake Lite Itch" = CiD Help
"Google Chrome" = Google Chrome
"UltimateBet" = UltimateBet
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.11.2011 07:14:35 | Computer Name = KRAGL-5F606B60D | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung brsvc01a.exe, Version 1.0.0.3, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 24.11.2011 07:35:51 | Computer Name = KRAGL-5F606B60D | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 24.11.2011 08:41:02 | Computer Name = KRAGL-5F606B60D | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 24.11.2011 08:42:58 | Computer Name = KRAGL-5F606B60D | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung brsvc01a.exe, Version 1.0.0.3, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 25.11.2011 01:54:42 | Computer Name = KRAGL-5F606B60D | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 25.11.2011 01:56:38 | Computer Name = KRAGL-5F606B60D | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 25.11.2011 07:36:16 | Computer Name = KRAGL-5F606B60D | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 25.11.2011 07:38:24 | Computer Name = KRAGL-5F606B60D | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung brsvc01a.exe, Version 1.0.0.3, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 25.11.2011 13:40:26 | Computer Name = KRAGL-5F606B60D | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 25.11.2011 13:42:25 | Computer Name = KRAGL-5F606B60D | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung brsvc01a.exe, Version 1.0.0.3, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
[ System Events ]
Error - 25.11.2011 07:08:52 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 25.11.2011 07:08:52 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 25.11.2011 07:36:11 | Computer Name = KRAGL-5F606B60D | Source = SR | ID = 1
Description = Beim Verarbeiten der Datei "NetAdapt.cfg" auf Volume "HarddiskVolume1"
ist im Wiederherstellungsfilter der unerwartete Fehler "0xC0000243" aufgetreten.
Die Volumeüberwachung wurde angehalten.
Error - 25.11.2011 07:36:18 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 25.11.2011 07:36:18 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Sentinel" ist vom Dienst "Parport" abhängig, der aufgrund
folgenden Fehlers nicht gestartet wurde: %%1058
Error - 25.11.2011 07:38:16 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7016
Description = Der Dienst "BrSplService" hat einen ungültigen aktuellen Status gemeldet:
0
Error - 25.11.2011 13:40:27 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 25.11.2011 13:40:27 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Sentinel" ist vom Dienst "Parport" abhängig, der aufgrund
folgenden Fehlers nicht gestartet wurde: %%1058
Error - 25.11.2011 13:42:17 | Computer Name = KRAGL-5F606B60D | Source = Service Control Manager | ID = 7016
Description = Der Dienst "BrSplService" hat einen ungültigen aktuellen Status gemeldet:
0
Error - 25.11.2011 15:44:07 | Computer Name = KRAGL-5F606B60D | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SASDIFSV\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
< End of report > |