Schonmal Danke für die schnelle Hilfe ! hier die beiden logs:
OTL: Code:
OTL logfile created on: 6/5/2012 12:44:48 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,023.00 Mb Total Physical Memory | 723.00 Mb Available Physical Memory | 71.00% Memory free
907.00 Mb Paging File | 793.00 Mb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 117.19 Gb Total Space | 72.55 Gb Free Space | 61.91% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 109.20 Gb Free Space | 97.68% Space Free | Partition Type: NTFS
Drive E: | 3.90 Gb Total Space | 0.80 Gb Free Space | 20.41% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/01/09 11:16:12 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002/09/20 10:41:02 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand] -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe -- (CA_LIC_SRVR)
SRV - [2002/09/20 10:29:30 | 000,053,248 | ---- | M] (Computer Associates) [Auto] -- C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2002/09/20 10:27:06 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand] -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (TSMPacket)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Boot] -- -- (kgueum)
DRV - File not found [Kernel | On_Demand] -- -- (IIUSBISP)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/08/27 08:23:08 | 000,019,200 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2009/08/05 09:39:04 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBCRFT.SYS -- (CardReaderFilter)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006/10/09 09:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006/10/04 03:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2005/02/02 19:29:28 | 000,009,344 | R--- | M] (Hewlett Packard) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hpplsbulk.sys -- (HPPLSBULK)
DRV - [2004/11/24 17:19:54 | 000,872,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/10/08 05:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/06 09:10:46 | 000,945,152 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2004/10/01 08:58:10 | 001,272,000 | ---- | M] (C-Media Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004/03/17 08:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2003/12/05 12:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/06/26 10:34:12 | 000,013,645 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s4ntdng.sys -- (s4ntdng)
DRV - [2001/11/14 12:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2001/08/17 07:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
DRV - [1997/05/29 11:51:22 | 000,064,512 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\drs_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\drs_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\drs_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\drs_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.westernunion.de/
IE - HKU\drs_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\drs_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2061: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2122: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1059: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\10014 [2012/03/12 11:13:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/02/20 03:20:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2011/05/23 13:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/02/20 03:20:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/02/20 03:20:34 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/20 03:20:34 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/02/20 03:20:34 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/20 03:20:34 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/20 03:20:34 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/20 03:20:34 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2002/08/29 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\drs_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\drs_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\drs_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] File not found
O4 - HKLM..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [L1QtW710QzepO1Z] C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O4 - HKLM..\Run: [THGuard] C:\Programme\TrojanHunter 5.5\THGuard.exe (Mischel Internet Security)
O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\Administrator_ON_C..\Run: [L1QtW710QzepO1Z] C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe ()
O4 - HKU\drs_ON_C..\Run: [L1QtW710QzepO1Z] C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O4 - HKU\LocalService_ON_C..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\NetworkService_ON_C..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\drs_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\drs_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\drs_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\drs_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {22CF0C35-80CE-11D3-9354-00105AA793BF} hxxp://www.immdesign.com/webview/IPAWebView.cab (Ipa Control)
O16 - DPF: {4C0942C1-C405-4805-B3B6-EA16F2DDD1BD} hxxp://www.webplaner-innoplus.de/innova/pano/prog/rundum.7.0.2.0.cab (innova-Panorama-Viewer Object)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} hxxp://software-dl.real.com/23ea10ffae3267990f05/netzip/RdxIE601_de.cab (RdxIE Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094650967218 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O20 - HKU\Administrator_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe ()
O20 - HKU\Administrator_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe ()
O20 - HKU\drs_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O20 - HKU\drs_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe) - C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/06/22 11:43:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{65533088-6ab3-11d9-9a71-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\explorer.exe -- [2008/04/13 22:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{de79ffbb-49f0-11d9-af23-000c76adb999}\Shell\AutoRun\command - "" = C:\WINDOWS\explorer.exe -- [2008/04/13 22:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/06/04 07:28:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TrojanHunter
[2012/06/04 07:24:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TrojanHunter
[2012/06/04 07:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrojanHunter
[2012/06/04 07:23:44 | 000,000,000 | ---D | C] -- C:\Programme\TrojanHunter 5.5
[2012/06/04 07:23:16 | 000,000,000 | ---D | C] -- C:\Programme\Toolbar Uninstaller
[2012/06/04 07:23:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Toolbar Uninstaller
[2012/06/04 05:38:48 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE
[2012/06/04 03:58:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/06/04 03:58:37 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/04 03:58:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012/05/31 10:18:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2012/05/31 10:16:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2012/05/31 10:16:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\AOL
[2012/05/31 10:16:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ahead
[2012/05/31 10:16:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2012/05/31 10:16:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2012/05/31 10:16:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities
[2012/05/31 10:16:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Help
[2012/05/31 10:16:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\CyberLink
[2012/05/31 10:16:05 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2012/05/31 10:16:05 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2012/05/31 10:16:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2012/05/31 10:16:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Videos
[2012/05/31 10:16:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik
[2012/05/31 10:16:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien
[2012/05/31 10:16:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder
[2012/05/31 10:16:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2012/05/31 10:16:05 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\You've Got Pictures Screensaver
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Real
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Musicmatch
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory
[2012/05/31 10:16:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012/05/31 10:16:04 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\UserData
[2012/05/31 10:16:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2012/05/31 10:16:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2012/05/31 10:16:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2012/05/31 10:16:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Verwaltung
[2012/05/31 10:16:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2012/05/31 10:16:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2012/05/31 10:16:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2012/05/31 10:16:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2012/05/31 10:16:04 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\WMTools Downloaded Files
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\WINDOWS
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Powercinema
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Musicmatch
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Help
[2012/05/31 10:16:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150020}
[2012/05/22 10:08:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\AskToolbar
[2012/05/22 10:06:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\drs\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2012/05/22 01:37:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2012/05/22 01:37:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\APN
[2012/05/22 01:36:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2009/03/23 13:35:45 | 000,357,768 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\drs\SymXPep2.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/05 03:27:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/04 09:17:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/06/04 09:16:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/04 09:16:36 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/04 07:24:07 | 000,059,392 | R--- | M] () -- C:\WINDOWS\System32\streamhlp.dll
[2012/06/04 07:24:07 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2012/06/04 07:24:07 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\TrojanHunter.lnk
[2012/06/04 07:24:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TrojanHunter
[2012/06/04 07:23:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Toolbar Uninstaller
[2012/06/04 03:58:41 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/04 03:58:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/06/01 08:32:08 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/31 02:43:14 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/31 01:57:47 | 000,243,200 | ---- | M] () -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe
[2012/05/31 01:57:47 | 000,243,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe
[2012/05/28 08:25:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/05/24 01:46:08 | 000,001,781 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012/05/11 01:17:37 | 000,411,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/10 15:02:31 | 000,454,926 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/05/10 15:02:31 | 000,437,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/10 15:02:31 | 000,083,958 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/05/10 15:02:31 | 000,070,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/08 01:59:25 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/04 07:34:21 | 000,243,200 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WinArchiver.exe
[2012/06/04 07:24:07 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk
[2012/06/04 07:24:07 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\TrojanHunter.lnk
[2012/06/04 07:23:44 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2012/06/04 03:58:41 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/31 10:16:13 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2012/05/31 10:16:13 | 000,000,079 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2012/05/31 10:16:08 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/31 10:16:08 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/05/31 10:16:07 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2012/05/31 10:16:07 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
[2012/05/31 10:16:07 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Outlook Express.lnk
[2012/05/31 01:59:10 | 000,243,200 | ---- | C] () -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\WinArchiver.exe
[2012/05/22 01:37:14 | 000,000,228 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/03/07 11:55:59 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\urhtps.dat
[2012/02/16 02:20:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/12/08 12:25:31 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2008/11/24 13:56:08 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2008/11/24 13:56:08 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2008/11/24 13:56:08 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2008/11/24 13:55:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
[2008/11/24 13:55:49 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\MTSTACK.EXE
[2008/01/12 10:34:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/01/03 14:49:54 | 000,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\mdb.bin
[2007/12/03 07:40:21 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2006/09/30 13:32:30 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2006/09/30 13:32:30 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2006/09/30 13:32:30 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\compJNI.dll
[2006/09/30 13:22:42 | 000,001,030 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/09/30 13:17:07 | 000,054,332 | ---- | C] () -- C:\WINDOWS\hppins01.dat
[2006/09/30 13:17:07 | 000,002,392 | ---- | C] () -- C:\WINDOWS\hppmdl01.dat
[2006/09/29 16:25:24 | 000,000,314 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2006/09/29 16:08:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/09/25 15:23:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\HPP2800V.DLL
[2006/09/25 15:23:56 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\HPP2800V.DAT
[2006/09/25 15:18:13 | 000,000,123 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2006/09/25 15:18:11 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2006/01/15 12:51:17 | 000,000,167 | ---- | C] () -- C:\Dokumente und Einstellungen\drs\default.pls
[2005/06/07 15:13:15 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/06/07 15:13:15 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/06/07 05:46:38 | 000,058,880 | ---- | C] () -- C:\Dokumente und Einstellungen\drs\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/07 05:46:38 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\drs\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005/06/07 05:45:39 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/07 05:45:39 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005/04/07 08:13:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2005/04/07 08:11:29 | 000,302,592 | ---- | C] () -- C:\WINDOWS\mauninst.exe
[2005/04/07 08:11:29 | 000,000,003 | ---- | C] () -- C:\WINDOWS\Typing.ini
[2005/04/07 06:51:13 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/04/07 06:51:13 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\319320460B.sys
[2005/04/07 06:35:42 | 000,543,232 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2005/04/07 06:35:42 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2005/04/07 06:35:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2005/04/07 06:35:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2005/04/04 06:11:57 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005/04/04 05:53:05 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005/04/04 05:53:05 | 000,000,024 | ---- | C] () -- C:\WINDOWS\magix.ini
[2005/04/04 05:27:52 | 000,000,269 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2005/04/04 04:22:21 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/12/09 10:58:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2004/10/11 08:47:48 | 000,001,176 | ---- | C] () -- C:\WINDOWS\ImpTable.bin
[2004/10/11 08:46:52 | 000,001,928 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/09/28 17:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/08 09:22:54 | 000,000,296 | ---- | C] () -- C:\WINDOWS\Speaker.bin
[2004/09/08 09:22:53 | 000,000,472 | ---- | C] () -- C:\WINDOWS\Microphone.bin
[2004/09/08 09:22:53 | 000,000,256 | ---- | C] () -- C:\WINDOWS\LineIn.bin
[2004/09/08 09:22:53 | 000,000,200 | ---- | C] () -- C:\WINDOWS\Headphone.bin
[2004/09/08 09:19:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2004/08/06 12:17:40 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2004/08/06 12:17:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2004/08/06 10:10:10 | 000,000,016 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/25 05:47:09 | 000,380,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\PRISMA00.sys
[2004/06/25 05:25:06 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/06/23 05:54:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/06/23 04:51:06 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/06/23 04:27:30 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2004/06/23 03:20:12 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/06/22 19:17:55 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/06/22 12:55:22 | 000,000,047 | ---- | C] () -- C:\WINDOWS\InoSetup.ini
[2004/06/22 12:40:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/06/22 12:40:00 | 000,411,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/06/22 12:20:55 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/06/22 11:52:24 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/22 11:49:43 | 000,000,871 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/06/22 11:44:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/06/22 11:42:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/06/22 11:37:01 | 000,454,926 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/06/22 11:37:01 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/06/22 11:37:01 | 000,083,958 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/06/22 11:37:01 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/06/22 11:36:47 | 000,437,362 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/06/22 11:36:47 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/06/22 11:36:47 | 000,070,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/06/22 11:36:47 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/06/22 11:36:47 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/06/22 11:36:45 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/06/22 11:36:45 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/06/22 11:36:42 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/06/22 11:36:42 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/06/22 11:36:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/06/22 11:36:31 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/06/08 13:32:32 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001/10/24 06:49:32 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
========== LOP Check ==========
[2005/04/04 07:26:23 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\Musicmatch
[2005/04/04 07:26:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Musicmatch
[2012/06/04 07:28:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TrojanHunter
[2012/05/22 10:08:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\AskToolbar
[2011/01/30 15:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\BOM
[2005/04/04 07:26:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\Musicmatch
[2005/06/07 14:07:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\T-DSL SpeedManager
[2007/12/16 07:36:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\T-Online
[2012/01/16 03:43:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\Xelyh
[2012/01/15 12:57:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\drs\Anwendungsdaten\Ymy
[2005/07/07 15:03:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2007/08/04 10:17:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\X10 Commander
[2006/08/16 13:31:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2007/12/16 07:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2012/06/04 07:24:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrojanHunter
[2005/04/07 06:41:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2007/09/05 02:43:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2008/10/07 02:27:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/06/04 09:17:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012/05/28 09:08:08 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2012/05/31 10:16:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2008/04/28 12:56:12 | 000,000,000 | -HSD | M] -- C:\found.000
[2002/12/31 18:02:58 | 000,000,000 | -HSD | M] -- C:\found.001
[2004/06/23 03:20:58 | 000,000,000 | ---D | M] -- C:\My Music
[2007/09/05 13:49:33 | 000,000,000 | ---D | M] -- C:\Profil Kalkulator
[2007/12/16 06:46:41 | 000,000,000 | ---D | M] -- C:\Program Files
[2012/06/04 07:23:44 | 000,000,000 | R--D | M] -- C:\Programme
[2012/06/04 07:10:03 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012/05/29 10:51:44 | 000,000,000 | ---D | M] -- C:\S4PROV4
[2005/06/07 05:45:47 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008/01/12 10:34:53 | 000,000,000 | ---D | M] -- C:\Temp
[2012/06/01 08:32:22 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2004/08/04 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/26 06:40:47 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/26 06:40:47 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 17:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/04 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/26 06:40:47 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/26 06:40:47 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 22:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 22:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004/08/03 18:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2004/08/03 18:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 09:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008/04/13 22:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008/04/13 22:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 09:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: NETLOGON.DLL >
[2008/04/13 22:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 22:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/03 18:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008/04/13 22:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 22:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004/08/03 18:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2005/03/02 14:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007/03/08 11:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005/03/02 14:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004/08/03 18:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007/03/08 11:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008/04/13 22:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/13 22:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008/04/13 22:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 22:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004/08/03 18:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 09:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004/08/03 18:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 22:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 22:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2002/08/29 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2002/08/29 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004/06/22 13:39:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004/06/22 13:39:21 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/06/22 13:39:21 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2006/10/18 16:47:08 | 000,276,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\audiodev.dll
[2008/04/13 22:22:07 | 001,025,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\browseui.dll
[2008/04/13 22:22:08 | 000,102,912 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cscdll.dll
[2008/04/13 22:22:08 | 000,334,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cscui.dll
[2008/04/13 22:22:08 | 000,025,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\davclnt.dll
[2011/03/03 02:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/13 22:22:09 | 000,014,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\drprov.dll
[2012/03/02 00:00:10 | 011,082,752 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/03/01 07:00:08 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 22:22:18 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 22:22:19 | 000,011,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netrap.dll
[2008/04/13 22:22:20 | 000,081,920 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netui0.dll
[2008/04/13 22:22:20 | 000,245,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netui1.dll
[2008/04/13 22:22:20 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2008/04/13 22:22:20 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntlanman.dll
[2006/10/18 16:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\PortableDeviceApi.dll
[2008/04/13 22:22:23 | 000,064,000 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\samlib.dll
[2009/06/25 04:25:23 | 000,056,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\secur32.dll
[2008/04/13 22:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2011/01/21 10:44:10 | 008,503,296 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[2008/04/13 22:22:25 | 000,068,096 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shgina.dll
[2007/10/25 04:28:30 | 000,222,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\wmasf.dll
[2010/04/05 23:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\WMVCore.dll
[2006/10/18 16:47:22 | 002,603,008 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\WpdShext.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\drs\Desktop\S4PROV4.pif:�SummaryInformation
< End of report >
und Extras: Code:
OTL Extras logfile created on: 6/5/2012 12:44:48 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,023.00 Mb Total Physical Memory | 723.00 Mb Available Physical Memory | 71.00% Memory free
907.00 Mb Paging File | 793.00 Mb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 117.19 Gb Total Space | 72.55 Gb Free Space | 61.91% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 109.20 Gb Free Space | 97.68% Space Free | Partition Type: NTFS
Drive E: | 3.90 Gb Total Space | 0.80 Gb Free Space | 20.41% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
"C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Disabled:javaw -- ()
"C:\Dokumente und Einstellungen\drs\Lokale Einstellungen\Temp\7zS11.tmp\SymNRT.exe" = C:\Dokumente und Einstellungen\drs\Lokale Einstellungen\Temp\7zS11.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{048B8DA2-DD68-11D6-B9E5-0040053BA3BA}" = Propeller Scanner
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1030DCDC-2425-407d-BEE1-13558B837FCA}" = HP Color LaserJet 2820/2830/2840 2.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2154375F-A35D-4CB5-A996-3466251F6B3B}" = hpp2800usg
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema 3.0
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200}" = CA Licensing
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C907932-0AA6-46E9-A6FA-86FE4DD62EE9}" = Digital MP3 Music Player
"{3CA9D105-113C-11D8-AB3E-000102B0F79A}" = Readiris Pro 9
"{3D1A6B70-3E02-49BC-88B0-916C80274632}" = Informationen über Ihren PC
"{402C8EC2-DD5C-11D6-B9E5-0040053BA3BA}" = A.C. Calculator
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{55508A44-8225-47AB-9666-1F57A5B5CE2E}" = CP_PLSBusinessFlyers
"{59073DF9-3D3D-4FFC-AF41-C2C268A1A31E}" = hppTooCool
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{606E5C0D-6039-42A7-988E-9D51DE773AFF}" = hppFonts
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{688EC50D-0155-4490-8DBF-686CD3B2893F}" = hppScanTo
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{74E5E862-F1FF-412B-B824-9582ED7DE84A}" = hppSendFax
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{7D7F2CB5-F9A4-4E86-853D-1BADD936DDAD}" = hppscan2800
"{8043D1B8-81AE-4597-AAA8-1E1F49D6E4DF}" = hppManuals2800
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{851D5410-0851-46F0-8836-74E0D8D20196}" = hppDustDevil
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B2EF64A-1D1F-4AD8-91BF-7B5F1BC36E00}" = hppFaxDrv
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A28F43DA-258F-42EC-9C95-E6C9A7475670}" = hppIOFiles
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3E6DC57-473A-4424-9617-AF60BA8403C3}" = hppCLJ2800
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDC63227-BA06-4855-B002-BDB49E9F677E}" = Symantec Technical Support Web Controls
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Generic USB CardReader 2.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FE3F3C9B-2C29-4FEE-A74F-11E436729F2C}" = Scan
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"AutoCAD R14.0 - Deutsch Deinstaller" = AutoCAD R14.0 - Deutsch
"AutumnMahjongg_is1" = AutumnMahjongg
"Biet-O-Matic v2.12.6" = Biet-O-Matic v2.12.6
"CCleaner" = CCleaner (remove only)
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"Combat Flight Simulator 1.00" = Microsoft Combat Flight Simulator
"Combat Flight Simulator 2.0" = Microsoft Combat Flight Simulator 2
"Creatix V.92 Data Fax Modem" = Creatix V.92 Data Fax Modem
"CTV Blitz - Training Windows XP" = CTV Blitz - Training Windows XP
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"FMS" = FMS
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"RealPlayer 6.0" = RealPlayer
"Schiffe versenken" = Schiffe versenken
"ST6UNST #1" = Silencer Analysis Application
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Tipptrainer" = Tipptrainer Gold
"Toolbar Uninstaller_is1" = Toolbar Uninstaller 1.0.0.1
"TrojanHunter_is1" = TrojanHunter 5.5
"ViewpointMediaPlayer" = Viewpoint Media Player
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\drs_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
< End of report >
|
OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.