So, Malwarebytes is done. Code:
OTL logfile created on: 16.08.2010 21:45:37 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Rico Teube\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 407,21 Gb Free Space | 87,45% Space Free | Partition Type: NTFS
Drive D: | 7,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 59,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RICOTEUBE-LAPPI
Current User Name: Rico Teube
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Rico Teube\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.EXE (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Windows\BisonCam\BisonAPP.exe (Bison Inc.)
PRC - C:\Program Files (x86)\Common Files\Hornet\SkipWHQL.exe (Alcor Micro, Corp.)
PRC - C:\Program Files (x86)\Common Files\Hornet\MntrHrnt.exe (Alcor Micro, Corp.)
========== Modules (SafeList) ==========
MOD - C:\Users\Rico Teube\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (PnkBstrB) -- C:\Windows\SysNative\PnkBstrB.exe File not found
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV:64bit: - (ose64) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP1d\WNt500x64\Sandra.sys File not found
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (smserial) -- C:\Windows\SysNative\drivers\smserial.sys (Motorola Inc.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (MODEMCSA) -- C:\Windows\SysNative\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV:64bit: - (Si3531) -- C:\Windows\SysNative\drivers\Si3531.sys (Silicon Image, Inc)
DRV:64bit: - (DRHARD64) -- C:\Windows\SysNative\drivers\DRHARD64.sys (Licensed for Gebhard Software)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (Cam5603D) -- C:\Windows\SysNative\drivers\BisonCam.sys (Bison Electronics. Inc. )
DRV:64bit: - (WinDriver6) -- C:\Windows\SysNative\drivers\windrvr6.sys (Jungo)
DRV - (DRHARD64) -- C:\Windows\SysWOW64\drivers\DRHARD64.sys (Licensed for Gebhard Software)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "qtl"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.5.10.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100720
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.8.3
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.6.5
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.01 06:03:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.09 18:42:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.24 09:47:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdtbext\
[2010.05.12 17:15:52 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Extensions
[2010.05.12 17:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.13 08:55:56 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.05.25 14:50:55 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010.05.12 23:26:31 | 000,000,000 | ---D | M] (WindowsUpdate) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2b}
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.05.12 23:26:31 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010.08.13 08:55:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.08.13 08:55:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.06.19 10:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.08.13 08:55:40 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\de_DE@dicts.j3e.de
[2010.05.12 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\DeviceDetection@logitech.com
[2010.05.16 22:45:47 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\qtl.co.il@gmail.com
[2010.08.13 08:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rico Teube\AppData\Roaming\mozilla\Firefox\Profiles\75667r69.default\extensions\staged-xpis
[2010.08.01 22:43:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.12 20:24:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.12 20:24:17 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [BisonAPP] C:\Windows\BisonCam\BisonAPP.exe (Bison Inc.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HornetMonitor] C:\Program Files (x86)\Common Files\Hornet\MntrHrnt.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKCU..\Run: [1&1 EasyLogin] C:\Program Files (x86)\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
O4 - HKCU..\Run: [HijackThis startup scan] C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Rico Teube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.26 09:07:10 | 000,000,070 | R--- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008.03.13 22:39:50 | 000,000,070 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{62e19084-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e19084-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{62e1908a-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e1908a-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{62e19349-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e19349-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{62e1934c-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e1934c-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{62e1936e-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e1936e-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{62e19371-86a6-11df-b4ca-001060d14c30}\Shell - "" = AutoRun
O33 - MountPoints2\{62e19371-86a6-11df-b4ca-001060d14c30}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- [2008.03.13 20:33:06 | 000,323,584 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.08.16 04:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.08.15 23:20:14 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\Desktop\dokumente
[2010.08.15 20:15:53 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\Desktop\Keys Underword Fausto Ipnosys 02.08.2010
[2010.08.15 20:07:15 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\Desktop\DiabloKeyFreaker
[2010.08.15 18:07:54 | 000,285,696 | ---- | C] (Jungo) -- C:\Windows\SysNative\drivers\windrvr6.sys
[2010.08.15 17:45:12 | 000,102,400 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi901.dll
[2010.08.15 17:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duolabs
[2010.08.15 17:43:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010.08.15 17:36:09 | 020,297,349 | ---- | C] (Duolabs ) -- C:\Users\Rico Teube\Desktop\CIS871.exe
[2010.08.15 12:55:00 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysWow64\SER9PL.sys
[2010.08.15 12:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unknown Device Identifier
[2010.08.15 12:18:07 | 000,000,000 | ---D | C] -- C:\Programme\KermWin
[2010.08.15 11:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hornet
[2010.08.14 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\AppData\Local\Unattneded
[2010.08.14 18:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AAF Recovery tool AT700
[2010.08.12 18:21:54 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.12 18:21:54 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.12 18:21:54 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.12 18:21:39 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.12 18:21:39 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.12 18:21:38 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.12 18:21:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.12 18:21:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.12 18:21:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.12 18:21:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.12 18:21:16 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.12 18:21:15 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.07.31 18:36:42 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\Documents\Sniper - Ghost Warrior
[2010.07.25 10:49:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.07.25 10:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.07.25 01:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010.07.25 01:18:06 | 000,000,000 | ---D | C] -- C:\Users\Rico Teube\AppData\Local\eMule
[2010.07.25 01:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eMule
[2010.07.24 19:50:47 | 000,020,048 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.07.24 19:50:46 | 000,121,936 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.07.24 19:50:44 | 000,432,720 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2010.07.24 19:50:41 | 000,124,496 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2010.07.24 19:50:09 | 000,250,448 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2010.07.24 19:50:08 | 000,028,752 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.07.24 19:50:02 | 000,051,280 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.07.24 19:49:52 | 000,061,008 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.07.24 19:49:14 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.07.24 19:49:14 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010.07.24 19:49:14 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2010.07.24 19:49:10 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2010.07.24 19:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.16 21:48:10 | 002,359,296 | -HS- | M] () -- C:\Users\Rico Teube\NTUSER.DAT
[2010.08.16 20:22:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.16 12:47:02 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.16 12:47:02 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.16 12:47:02 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.16 12:47:02 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.16 12:47:02 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.15 20:28:01 | 000,001,282 | ---- | M] () -- C:\Users\Rico Teube\Desktop\DiabloKeyFreaker 1.3 - Verknüpfung.lnk
[2010.08.15 18:02:52 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Cas Interface Studio 8.7.1.lnk
[2010.08.15 18:01:43 | 000,015,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 18:01:43 | 000,015,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 18:00:44 | 000,190,419 | ---- | M] () -- C:\Users\Rico Teube\Documents\cas fehler.png
[2010.08.15 12:46:39 | 000,001,107 | ---- | M] () -- C:\Users\Rico Teube\Desktop\Unknown Device Identifier.lnk
[2010.08.15 12:34:51 | 000,001,488 | ---- | M] () -- C:\Users\Rico Teube\Desktop\putty - Verknüpfung.lnk
[2010.08.15 12:18:23 | 000,000,984 | ---- | M] () -- C:\Users\Rico Teube\Desktop\Kermit.lnk
[2010.08.14 18:14:04 | 000,001,087 | ---- | M] () -- C:\Users\Rico Teube\Desktop\AAF Recovery tool.lnk
[2010.08.14 03:30:34 | 000,000,036 | ---- | M] () -- C:\Users\Rico Teube\AppData\Local\housecall.guid.cache
[2010.08.14 03:28:48 | 000,002,999 | ---- | M] () -- C:\Users\Rico Teube\Desktop\HiJackThis.lnk
[2010.08.13 03:20:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.13 03:20:33 | 000,414,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.13 03:20:08 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.13 03:19:05 | 000,938,792 | -H-- | M] () -- C:\Users\Rico Teube\AppData\Local\IconCache.db
[2010.08.08 17:02:30 | 000,000,604 | ---- | M] () -- C:\Windows\Sof2.INI
[2010.08.06 18:11:02 | 000,078,974 | ---- | M] () -- C:\Users\Rico Teube\Documents\MitteilungRufnummernTelefonwerbung.pdf
[2010.07.29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.07.25 18:36:03 | 000,000,221 | ---- | M] () -- C:\Users\Rico Teube\Desktop\Sniper Ghost Warrior.url
[2010.07.25 18:17:14 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.07.25 01:18:14 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[2010.07.24 19:50:47 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010.07.24 19:49:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.07.24 11:45:39 | 002,055,680 | ---- | M] () -- C:\Users\Public\Documents\Mappe1.xls
[2010.07.22 19:44:02 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2010.07.19 14:48:22 | 000,108,824 | ---- | M] () -- C:\Users\Rico Teube\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.19 10:36:41 | 000,024,581 | ---- | M] () -- C:\Windows\KernelMessage
[2010.07.18 16:14:44 | 001,878,589 | ---- | M] () -- C:\Users\Public\Documents\Mappe1.xlsx
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.15 20:28:01 | 000,001,282 | ---- | C] () -- C:\Users\Rico Teube\Desktop\DiabloKeyFreaker 1.3 - Verknüpfung.lnk
[2010.08.15 18:00:44 | 000,190,419 | ---- | C] () -- C:\Users\Rico Teube\Documents\cas fehler.png
[2010.08.15 17:44:06 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Cas Interface Studio 8.7.1.lnk
[2010.08.15 12:55:00 | 000,026,719 | ---- | C] () -- C:\Windows\SysWow64\SERSPL.VXD
[2010.08.15 12:46:39 | 000,001,107 | ---- | C] () -- C:\Users\Rico Teube\Desktop\Unknown Device Identifier.lnk
[2010.08.15 12:34:51 | 000,001,488 | ---- | C] () -- C:\Users\Rico Teube\Desktop\putty - Verknüpfung.lnk
[2010.08.15 12:18:23 | 000,000,984 | ---- | C] () -- C:\Users\Rico Teube\Desktop\Kermit.lnk
[2010.08.14 18:14:04 | 000,001,087 | ---- | C] () -- C:\Users\Rico Teube\Desktop\AAF Recovery tool.lnk
[2010.08.14 03:30:34 | 000,000,036 | ---- | C] () -- C:\Users\Rico Teube\AppData\Local\housecall.guid.cache
[2010.08.06 18:11:02 | 000,078,974 | ---- | C] () -- C:\Users\Rico Teube\Documents\MitteilungRufnummernTelefonwerbung.pdf
[2010.07.25 18:36:03 | 000,000,221 | ---- | C] () -- C:\Users\Rico Teube\Desktop\Sniper Ghost Warrior.url
[2010.07.25 10:49:15 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.07.25 01:18:14 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
[2010.07.24 19:50:47 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010.07.24 19:49:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.06.20 15:56:35 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.06.15 12:44:23 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\Lffpx7.dll
[2010.06.15 12:44:23 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Lfkodak.dll
[2010.06.15 12:44:23 | 000,088,576 | ---- | C] () -- C:\Windows\SysWow64\Lffpx90n.dll
[2010.06.03 18:44:38 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.06.03 14:12:50 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini
[2010.05.19 14:36:21 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2010.05.13 02:25:03 | 000,000,025 | ---- | C] () -- C:\Users\Rico Teube\AppData\Roaming\bdfvconp.ini
[2010.05.12 15:21:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.03.07 16:43:56 | 000,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 13:47:30 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\SysWow64\PhysXLoader.dll
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
< End of report >
Code:
OTL Extras logfile created on: 16.08.2010 21:45:37 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Rico Teube\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 407,21 Gb Free Space | 87,45% Space Free | Partition Type: NTFS
Drive D: | 7,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 59,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RICOTEUBE-LAPPI
Current User Name: Rico Teube
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = UltraEdit.html] -- C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.ini [@ = UltraEdit.ini] -- C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.js [@ = UltraEdit.js] -- C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.txt [@ = UltraEdit.txt] -- C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"0F5C7B3CFC52532DF1B4197D18B194DE5AD05130" = Windows-Treiberpaket - Auto-Intern Virtueller COM-Port-Treiber (02/17/2009 2.04.18)
"11048BF85F94917099C328B5A6204F2805030C64" = Windows-Treiberpaket - Ross-Tech USB Driver Package (05/21/2009 2.04.18)
"947671B77E4C5263102586E2E437A3673CC2795F" = Windows-Treiberpaket - Auto-Intern USB-Treiber (05/21/2009 2.04.18)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2BCF80C8-C84F-43C6-A721-8AF93D64EA3D}" = CAS Interface Studio 8.7.1
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Bison WebCam
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C73547-240E-4DA1-AB63-58146F377085}" = UltraEdit 16.00
"{7DA64485-2CEE-4F7B-84AB-B287236703B6}" = HERMA Label Designer plus 1.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{B39C475A-77A7-446D-B423-8051E976D910}" = USB to Serial Bridge Controller
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect Lite Huawei
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"1&1 EasyLogin" = 1&1 EasyLogin
"7-Zip" = 7-Zip 4.65
"AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V3.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Internet Security
"CCleaner" = CCleaner
"Dr. Hardware 2010_is1" = Dr. Hardware 2010 10.2d
"eMule" = eMule
"HDClone" = HDClone
"HijackThis" = HijackThis 2.0.2
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B39C475A-77A7-446D-B423-8051E976D910}" = USB to Serial Bridge Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Kermit" = Kermit for Windows
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"Steam App 34830" = Sniper: Ghost Warrior
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"Unknown Device Identifier_is1" = Unknown Device Identifier 7.00
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.08.2010 21:34:24 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 21:34:24 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 21:34:25 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 21:34:25 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 21:35:23 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 21:35:23 | Computer Name = RicoTeube-Lappi | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.08.2010 22:03:31 | Computer Name = RicoTeube-Lappi | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 13.08.2010 21:28:47 | Computer Name = RicoTeube-Lappi | Source = Application Hang | ID = 1002
Description = Programm HijackThis.exe, Version 2.0.0.2 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fd0 Startzeit:
01cb3b4e8f83e9d9 Endzeit: 44 Anwendungspfad: C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
Berichts-ID:
4262f89c-a743-11df-a03b-001060d14c30
Error - 15.08.2010 06:24:57 | Computer Name = RicoTeube-Lappi | Source = MsiInstaller | ID = 1013
Description =
Error - 15.08.2010 06:28:38 | Computer Name = RicoTeube-Lappi | Source = Application Hang | ID = 1002
Description = Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3a20 Startzeit:
01cb3c63cf0b2443 Endzeit: 84 Anwendungspfad: C:\Windows\system32\mmc.exe Berichts-ID:
d6ec2e41-a857-11df-a03b-001060d14c30
[ System Events ]
Error - 25.07.2010 04:54:32 | Computer Name = RicoTeube-Lappi | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 25.07.2010 04:54:32 | Computer Name = RicoTeube-Lappi | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 25.07.2010 15:30:56 | Computer Name = RicoTeube-Lappi | Source = Service Control Manager | ID = 7034
Description = Dienst "BitDefender Virus Shield" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 25.07.2010 15:31:27 | Computer Name = RicoTeube-Lappi | Source = DCOM | ID = 10010
Description =
Error - 31.07.2010 23:40:11 | Computer Name = RicoTeube-Lappi | Source = bowser | ID = 8003
Description =
Error - 01.08.2010 00:16:16 | Computer Name = RicoTeube-Lappi | Source = bowser | ID = 8003
Description =
Error - 01.08.2010 00:18:26 | Computer Name = RicoTeube-Lappi | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.5.62 registriert werden. Der Computer mit IP-Adresse 192.168.5.98
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 09.08.2010 12:42:03 | Computer Name = RicoTeube-Lappi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?09.?08.?2010 um 11:58:33 unerwartet heruntergefahren.
Error - 12.08.2010 07:34:24 | Computer Name = RicoTeube-Lappi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?12.?08.?2010 um 13:00:35 unerwartet heruntergefahren.
Error - 16.08.2010 06:42:56 | Computer Name = RicoTeube-Lappi | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
< End of report >
Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4437
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16.08.2010 21:31:10
mbam-log-2010-08-16 (21-31-10).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 215365
Laufzeit: 34 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Program Files (x86)\Trend Micro\HijackThis\backups\backup-20100520-150011-374.dll (Adware.WidgiToolbar) -> No action taken.