Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/Spy.Banker.AG.1 auf dem Rechner wie werde ich den los ? (https://www.trojaner-board.de/87231-tr-spy-banker-ag-1-rechner-los.html)

KaiGeorgiadi 16.06.2010 19:29
TR/Spy.Banker.AG.1 auf dem Rechner wie werde ich den los ?
 
Hallo ich habe vorgestern einen Virenscann durchgeführt weilmein PC in den letzten paar tagen ca. 10 min. gebraucht hat zu booten.
Dabei hat Antivir angezeigt das ich ein Trojaner habe.

TR/Spy.Banker.AG.1

C:Windows/system32/chknsmui.dll

ich habe gelesen das dieser Trojaner Passwörter und Bank zugangsdaten ausspioniert !

sollte ich das jetzt alles sperren oder änder ?

wie werde ich den TRojaner wieder los ?
kenne mich auch nicht so extrem gut aus und kann mit den Threats die es bereits gibt nicht so viel anfangen !

Kann mir hier jemand helfen ?

KaiGeorgiadi 16.06.2010 20:18
mein system :

AMD Athlon (TM) XP 2200+
1,79 Ghz, 1 GB Ram

Windows XP HomeEdition
Service Pack 2

KaiGeorgiadi 16.06.2010 20:19
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 16.06.2010 20:43:24 - Run 1
OTL by OldTimer - Version 3.2.6.0    Folder = C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.024,00 Mb Total Physical Memory | 232,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 36,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,55 Gb Total Space | 13,38 Gb Free Space | 17,95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 189,92 Gb Total Space | 70,39 Gb Free Space | 37,06% Space Free | Partition Type: NTFS
 
Computer Name: ALTERNATE
Current User Name: Kai
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = JSFile] -- C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)
 
[HKEY_USERS\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [open] -- "C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"59000:TCP" = 59000:TCP:*:Enabled:azureus
"59000:UDP" = 59000:UDP:*:Enabled:azureus
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Dreamweaver 4\Dreamweaver.exe" = C:\Programme\Dreamweaver 4\Dreamweaver.exe:*:Enabled:Dreamweaver -- (Macromedia, Inc.)
"E:\EDGEOFCHAOS.EXE" = E:\EDGEOFCHAOS.EXE:*:Enabled:Edge of Chaos Autorun -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"Q:\Programme\Infogrames\Edge of Chaos - Indepedence War 2\EdgeOfChaos.exe" = Q:\Programme\Infogrames\Edge of Chaos - Indepedence War 2\EdgeOfChaos.exe:*:Enabled:Edge of Chaos Autorun -- File not found
"Q:\Programme\Infogrames\Edge of Chaos - Indepedence War 2\bin\release\loader.exe" = Q:\Programme\Infogrames\Edge of Chaos - Indepedence War 2\bin\release\loader.exe:*:Enabled:Independence War 2 Loader -- File not found
"C:\Programme\Macromedia\Dreamweaver 4\Dreamweaver.exe" = C:\Programme\Macromedia\Dreamweaver 4\Dreamweaver.exe:*:Enabled:Dreamweaver -- (Macromedia, Inc.)
"C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe" = C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX -- (Macromedia, Inc.)
"C:\Programme\Soulseek\slsk.exe" = C:\Programme\Soulseek\slsk.exe:*:Enabled:SoulSeek -- File not found
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Disabled:eMule -- File not found
"C:\Programme\Azureus\Azureus.exe" = C:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\BitTornado\btdownloadgui.exe" = C:\Programme\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui -- File not found
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Ares Lite Edition\AresLite.exe" = C:\Programme\Ares Lite Edition\AresLite.exe:*:Enabled:AresLite -- File not found
"C:\Programme\Ahead\Nero ShowTime\ShowTime.exe" = C:\Programme\Ahead\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero Software AG)
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe" = C:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1 -- (Sony Creative Software Inc.)
"C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe" = C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Disabled:mRouterRuntime Module -- (Intuwave Ltd.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Hercules\Classic Silver\Station2.exe" = C:\Programme\Hercules\Classic Silver\Station2.exe:*:Enabled:Hercules Webcam Station Evolution -- (Guillemot Corporation S.A.)
"E:\AliceSetup.exe" = E:\AliceSetup.exe:LocalSubNet:Enabled:AliceSetup.exe -- File not found
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10C1A383-5FB9-4868-859C-E64F6822E9C8}" = Sony Ericsson Mobile Phone Monitor
"{127445D6-69BE-4B19-8789-09E9C8AA94AD}" = sep1i
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2D6ED011-055B-4041-B198-BB903827EBFB}" = Safari
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2F84AD97-6952-4801-A20B-7C8DD1E9A301}" = CapMan
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{31851B85-C98E-44DE-8750-9843BCD63963}" = Adobe After Effects 5.5
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B64983B-A039-11D4-8B5A-0050DA45E354}" = SmartSurfer2.3
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40034B11-149E-4310-AE89-BB575B02525B}" = LG Internet Kit
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{412033BC-44CF-48D9-B813-4B835101F4D3}" = Adobe Illustrator 10
"{430EB7ED-8588-430D-B17C-BFFA00CB370A}" = PC Suite for Sony Ericsson
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1" = DVDx 2
"{4EF1E127-890D-32EE-C4EA-6A502911BD15}" = Vimeo Uploader
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{651CA61C-6803-4E74-8CA6-9DA721F1D24E}" = iDumpPod2iTunes
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E8BEBD-B3AA-4981-BA49-AD0AEA731031}" = Nero BackItUp 2 Essentials
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BD31B80-7E9E-4FAF-B911-0AC31FB94BF6}" = Adobe Encore DVD 1.5
"{7148F0A8-6813-11D6-A77B-00B0D0142100}" = Java 2 Runtime Environment, SE v1.4.2_10
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7689CA7A-1270-425A-9959-EB4CB25EA29A}" = Sony Ericsson PC Suite 1.20.224
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{82AF8AF6-6D0B-4EE6-B11F-CF9877877F69}" = USB Driver for Panasonic DVC (with Web Camera)
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A7BF5297-3E74-11D5-B00F-00104B398D77}" = QuarkXPress Passport 5.0
"{A8AD6CB8-DE96-43FA-9B73-5FB873DD1CAE}" = Sound Blaster Audigy 4
"{A8BB9906-E618-406A-B161-7383AFF46C39}" = EasyRecovery Professional
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.8 - Deutsch
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center(WDM Driver)
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}" = WinFast PVR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{D62DA280-A5C8-40B3-85FA-1DB27F4C5828}" = CompuServe Starterkit 3.0
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = LG PC Suite III deinstallieren
"{DDB263D3-2FD7-47BF-850E-9851EFFF6C6C}" = Sony Ericsson Media Manager 1.1
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E8092DBF-7B0E-377E-F98C-AB002A994CF2}" = Allergie.com - Pollenflugvorhersage
"{F0312AC6-988B-11DA-9C49-000476F770CC}" = CIB pdf brewer 2.5.29
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FD4FE0F7-91FC-43A2-9C3A-187553991FFF}" = Hercules Classic Silver Webcam
"{FE90E9E7-A158-4687-8853-DF677A939A61}" = D-Link Bluetooth Software
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB  (04/16/2009 1.0.0.6)
"A2FlashPreload 1.0" = A2FlashPreload 1.0
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Premiere 6.0" = Adobe Premiere 6.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe Type Manager Deluxe 4.1" = Adobe Type Manager Deluxe 4.1
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"Any Video Converter_is1" = Any Video Converter 3.0.3
"AnyDVD" = AnyDVD
"ATI Display Driver" = ATI Display Driver
"AudioConSole" = Creative-Audiokonsole
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CANONBJ_Deinstall_CNMCP58.DLL" = Canon i560
"CCleaner" = CCleaner (remove only)
"Cleaner 5 EZ" = Cleaner 5 EZ
"Colorado 600p/1200p" = Primax Colorado 600p/1200p (CD erforderlich)
"com.allergie.pollenflug.3050FB5128FEC1DEC54E712B37D3D876472C4367.1" = Allergie.com - Pollenflugvorhersage
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"Corel Applications" = Corel Applications
"Dictionary4Free" = LingoMAXX Dictionary4Free
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ElsterFormular 11.3.0.4235" = ElsterFormular
"Free Ipod Video Converter_is1" = Free Ipod Video Converter V 2.6
"FS Kassenbuch5.0.4" = FS Kassenbuch
"Google Chrome" = Google Chrome
"GoogleVideoPlayer" = Google Video Player
"Guitar Pro 4.0" = Guitar Pro 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"iDump" = iDump (Build: 28)
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{A8BB9906-E618-406A-B161-7383AFF46C39}" = EasyRecovery Professional
"Language pack for Ad-Aware SE" = Language pack for Ad-Aware SE
"LHTTSGED" = L&H TTS3000 Deutsch
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.3 build 8
"MAGIX video deLuxe" = MAGIX video deLuxe
"MGI_PHOTOSUITE_V806" = MGI PhotoSuite 8.06 (nur entfernen)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"MozBackup_is1" = MozBackup 1.4.7
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"mRouterRuntime" =
"MySpaceIM" = MySpaceIM
"Native Instruments GuitarRig2 RTAS VSTi DXi" = Native Instruments GuitarRig2 RTAS VSTi DXi
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = Nero Digital
"Nicht vergessen" = Nicht vergessen
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"Planet Online Bilder Service - POBS" = Planet Online Bilder Service - POBS
"PrimaPAGE 98" = PrimaPAGE 98
"Rainbow Sentinel Driver" = Sentinel System Driver
"Rainlendar2" = Rainlendar2 (remove only)
"RealPlayer 6.0" = RealPlayer
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"RocketDock_is1" = RocketDock 1.3.1
"Security Task Manager" = Security Task Manager 1.7e
"Serials 2000" = Serials 2000
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"Spyware Doctor" = Spyware Doctor 7.0
"Tony Tough and The Night of Roasted Moths" = Tony Tough and The Night of Roasted Moths
"USB Vibration Joystick" = USB Vibration Joystick
"vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1" = Vimeo Uploader
"VLC media player" = VLC media player 1.0.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WindowsDrawLE" = Micrografx Windows Draw 6 Limited Edition
"winLAME" = winLAME rc3 (remove only)
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"XMedia Recode" = XMedia Recode 2.1.1.1
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YInstHelper" = Yahoo! Install Manager
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e034e552c09804a7" = WordpressThemeGen
"Facebook Plug-In" = Facebook Plug-In
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.06.2010 13:48:28 | Computer Name = ALTERNATE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OUTLOOK.EXE, Version 11.0.5510.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.06.2010 14:01:14 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.5510.0, stamp 3f1380f0,
 faulting module outllib.dll, version 11.0.5608.0, stamp 3f35d24e, debug? 0, fault
 address 0x0023e0c0.
 
Error - 15.06.2010 19:03:33 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
 
Error - 15.06.2010 19:09:11 | Computer Name = ALTERNATE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Skype.exe, Version 4.0.0.226, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.06.2010 19:13:13 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.5510.0, stamp 3f1380f0,
 faulting module outllib.dll, version 11.0.5608.0, stamp 3f35d24e, debug? 0, fault
 address 0x0023e0c0.
 
Error - 16.06.2010 02:26:02 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
 
Error - 16.06.2010 10:32:11 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.5510.0, stamp 3f1380f0,
 faulting module outllib.dll, version 11.0.5608.0, stamp 3f35d24e, debug? 0, fault
 address 0x0023e0c0.
 
Error - 16.06.2010 10:44:04 | Computer Name = ALTERNATE | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
 
Error - 16.06.2010 10:50:47 | Computer Name = ALTERNATE | Source = ESENT | ID = 474
Description = wuauclt (1704)  Bei Überprüfung der aus Datei "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
 bei Offset 6266880 (0x00000000005fa000) für 4096 (0x00001000) Bytes gelesenen Datenbankseite
 ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die erwartete
 Prüfsumme war 2723521727 (0xa255a4bf), die tatsächliche Prüfsumme 2722473151 (0xa245a4bf).
 Fehler -1018 (0xfffffc06) bei Leseoperation. Wenn dieser Zustand andauert, stellen
 Sie die Datenbank aus einer vorherigen Sicherung wieder her.
 
Error - 16.06.2010 11:37:57 | Computer Name = ALTERNATE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avscan.exe, Version 8.1.4.10, fehlgeschlagenes
 Modul msvcr71.dll, Version 7.10.3052.4, Fehleradresse 0x00010513.
 
[ System Events ]
Error - 15.06.2010 19:03:22 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinFast TV2000 XP WDM TVTuner" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
Error - 15.06.2010 19:03:22 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinFast TV2000 XP WDM Crossbar" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
Error - 16.06.2010 02:31:14 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
 
Error - 16.06.2010 02:47:23 | Computer Name = ALTERNATE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "NMIndexingService"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
 
Error - 16.06.2010 02:47:24 | Computer Name = ALTERNATE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "NMIndexingService"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
 
Error - 16.06.2010 02:47:25 | Computer Name = ALTERNATE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "NMIndexingService"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
 
Error - 16.06.2010 02:48:59 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinFast TV2000 XP WDM Video Capture" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
Error - 16.06.2010 02:48:59 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Reset 5" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%2
 
Error - 16.06.2010 02:48:59 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinFast TV2000 XP WDM TVTuner" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
Error - 16.06.2010 02:48:59 | Computer Name = ALTERNATE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinFast TV2000 XP WDM Crossbar" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1058
 
 
< End of report >
--- --- ---

KaiGeorgiadi 16.06.2010 20:20
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,55 Gb Total Space | 13,38 Gb Free Space | 17,95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 189,92 Gb Total Space | 70,39 Gb Free Space | 37,06% Space Free | Partition Type: NTFS

Computer Name: ALTERNATE
Current User Name: Kai
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Programme\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend\JFSW2\JFSW2Launch.exe ()
PRC - C:\Programme\Sony Ericsson\Mobile4\Sync Manager\SyncIndicator.exe (Teleca Sweden AB)
PRC - C:\Programme\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
PRC - C:\Programme\Rainlendar2\Rainlendar2.exe ()
PRC - C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\Any DVD\AnyDVD 4.3.0.1 Crack\Crack\AnyDVD.exe (SlySoft, Inc.)
PRC - C:\WINDOWS\system32\usbicon.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Ahead\InCD\incdsrv.exe (Ahead Software AG)
PRC - C:\Programme\Ahead\InCD\InCD.exe (Ahead Software AG)
PRC - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
PRC - C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Programme\DLink\Bluetooth Software\bin\btwdins.exe (WIDCOMM, Inc.)
PRC - C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\Brmfrmps.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\chknsmui.dll ()
MOD - C:\Programme\Spyware Doctor\smum32.dll (PC Tools)
MOD - C:\Programme\Spyware Doctor\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\RocketDock\RocketDock.dll ()
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Reset 5) -- File not found
SRV - (de_serv) -- File not found
SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Programme\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (InCDsrv) -- C:\Programme\Ahead\InCD\incdsrv.exe (Ahead Software AG)
SRV - (btwdins) -- C:\Programme\DLink\Bluetooth Software\bin\btwdins.exe (WIDCOMM, Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (brmfrmps) -- C:\WINDOWS\System32\Brmfrmps.exe (Brother Industries, Ltd.)
SRV - (SoundMAX Agent Service (default)) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (Brother XP spl Service) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
SRV - (ATMsrvc) -- C:\WINDOWS\system32\ATMsrvc.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (avgntdd) -- C:\WINDOWS\system32\drivers\avgntdd.sys (Avira GmbH)
DRV - (avgntmgr) -- C:\WINDOWS\SYSTEM32\drivers\avgntmgr.sys (Avira GmbH)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI)
DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI)
DRV - (LgBttPort) -- C:\WINDOWS\system32\drivers\lgbtport.sys (LG Electronics Inc.)
DRV - (LGVMODEM) -- C:\WINDOWS\system32\drivers\lgvmodem.sys (LG Electronics Inc.)
DRV - (lgbusenum) -- C:\WINDOWS\system32\drivers\lgbtbus.sys (LG Electronics Inc.)
DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI)
DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI Corporation)
DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI)
DRV - (FlashUSB) -- C:\WINDOWS\system32\drivers\FlashUsb.sys (Danish Wireless Design A/S)
DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (camfilt2) -- C:\WINDOWS\system32\drivers\camfilt2.sys (Guillemot Corporation)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (VX1000) -- C:\WINDOWS\system32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (ASPI32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
DRV - (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (PDDSLHND) -- C:\WINDOWS\system32\drivers\pddslhnd.sys (ProDyne)
DRV - (PDDSLADP) -- C:\WINDOWS\system32\drivers\pddsladp.sys (ProDyne)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\incdpass.sys (Ahead Software AG)
DRV - (InCDfs) -- C:\WINDOWS\system32\drivers\incdfs.sys (Ahead Software AG)
DRV - (BT848) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys (Leadtek Research Inc.)
DRV - (tv2ktunr) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys (Leadtek Research Inc.)
DRV - (Tv2kXbar) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys (Leadtek Research Inc.)
DRV - (imagesrv) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (WFIOCTL) -- C:\Programme\WinFast\WFTVFM\WFIOCTL.sys (Leadtek Research Inc.)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys ()
DRV - (BTSLBCSP) -- C:\WINDOWS\system32\drivers\btslbcsp.sys (WIDCOMM, Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (WIDCOMM, Inc.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (WIDCOMM, Inc.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (WIDCOMM, Inc.)
DRV - (BtAudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (WIDCOMM, Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (kbfilter) -- C:\WINDOWS\system32\drivers\kbfilter.sys (WayTech Development, Inc.)
DRV - (moufiltr) -- C:\WINDOWS\system32\drivers\moufiltr.sys (Windows (R) 2000 DDK provider)
DRV - (BsUDF) -- C:\WINDOWS\system32\drivers\bsudf.sys (ahead software)
DRV - (BsStor) -- C:\WINDOWS\System32\DRIVERS\bsstor.sys (B.H.A Co.,Ltd.)
DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS ()
DRV - (ppsio2) -- C:\WINDOWS\system32\drivers\PPSIO2.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.rockwoodskateboards.de/"
FF - prefs.js..extensions.enabledItems: {e67fcdff-f9cb-4b45-b6f3-6f71f1a1ce40}:2.0.0.59
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ea97a0ec-cb67-41d1-a4ce-37b3e022ef8b}:12.0.7600
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.01 08:17:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.24 02:25:38 | 000,000,000 | ---D | M]

[2008.08.28 20:38:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Extensions
[2010.06.16 20:04:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions
[2010.03.30 23:54:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.07.10 02:28:22 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2009.05.23 08:20:22 | 000,000,000 | ---D | M] (Handy Antivirus Toolbar) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\{e67fcdff-f9cb-4b45-b6f3-6f71f1a1ce40}
[2007.09.23 20:20:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2008.07.31 10:14:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009.07.10 02:28:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\extensions\smartbookmarksbar@remy(2).juteau
[2010.06.11 08:35:19 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-1.xml
[2009.03.31 00:16:44 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-10.xml
[2009.04.24 08:45:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-11.xml
[2009.04.28 08:49:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-12.xml
[2009.06.13 13:23:05 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-13.xml
[2009.06.14 19:22:15 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-14.xml
[2009.06.14 23:47:07 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-15.xml
[2009.08.05 08:22:13 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-16.xml
[2009.09.11 20:14:30 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-17.xml
[2009.09.12 08:16:48 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-18.xml
[2009.09.13 16:51:16 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-19.xml
[2008.09.24 19:35:46 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-2.xml
[2009.11.07 21:31:44 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-20.xml
[2009.12.17 01:12:55 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-21.xml
[2010.01.07 09:47:12 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-22.xml
[2010.02.19 01:21:43 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-23.xml
[2010.03.30 23:55:27 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-24.xml
[2008.09.27 20:24:12 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-3.xml
[2008.09.27 20:49:13 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-4.xml
[2008.11.14 00:55:38 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-5.xml
[2008.12.19 01:28:31 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-6.xml
[2009.02.05 00:29:22 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-7.xml
[2009.02.07 20:03:50 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-8.xml
[2009.03.07 21:54:03 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin-9.xml
[2010.03.30 23:54:51 | 000,000,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin.gif
[2010.03.30 23:54:51 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin.src
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla\Firefox\Profiles\jkrqxriy.default\searchplugins\icqplugin.xml
[2010.06.15 19:56:15 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2006.11.08 13:03:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.06.14 19:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.24 02:25:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.26 23:35:39 | 000,000,000 | ---D | M] (Windows Media Player) -- C:\Programme\Mozilla Firefox\extensions\{ea97a0ec-cb67-41d1-a4ce-37b3e022ef8b}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.14 23:15:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.09.14 23:15:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.09.14 23:15:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.09.14 23:15:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.09.14 23:15:20 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.02.01 00:34:32 | 000,000,874 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Windows Media Player) - {EA97A0EC-CB67-41D1-A4CE-37B3E022EF8B} - C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\WMPlayer\IE\WMPlayer.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AnyDVD] C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Downloads\Any DVD\AnyDVD 4.3.0.1 Crack\Crack\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [B2C_AGENT] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dictionary4Free] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [ISTray] C:\Programme\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MCI USB Icon] C:\WINDOWS\system32\usbicon.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PC Suite for Smartphones] C:\Programme\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004..\Run: [JFSW2Launch] C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend\JFSW2\JFSW2Launch.exe ()
O4 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe ()
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\DLink\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\DLink\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\DLink\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\S-1-5-21-1614895754-1935655697-725345543-1004\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O16 - DPF: {00000163-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/wma9dmo.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {27FA5271-12D2-43E3-9424-365A43236EE7} hxxp://www.pixaco.de/static/download/iedropupload.cab (PIXACO upload plugin)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\reset5: DllName - reset5.dll - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.01.23 15:20:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{30511268-61df-11df-a335-0011957d3f00}\Shell - "" = AutoRun
O33 - MountPoints2\{30511268-61df-11df-a335-0011957d3f00}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{30511268-61df-11df-a335-0011957d3f00}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: ati2acls - (C:\WINDOWS\system32\chknsmui.dll) - C:\WINDOWS\system32\chknsmui.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004.01.23 15:20:19 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk - C:\Programme\DLink\Bluetooth Software\BTTray.exe - (WIDCOMM, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: updateMgr - hkey= - key= - C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: WinFast Schedule - hkey= - key= - C:\Programme\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {839117ee-2132-4bae-a56a-42b50204c9b9} - KB889293
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\WINDOWS\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.IV50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MP43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (7050485169127424)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.16 20:32:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Anwendungsdaten\Threat Expert
[2010.06.16 20:08:28 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010.06.16 20:08:27 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll.old
[2010.06.16 20:08:27 | 001,652,664 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010.06.16 20:08:27 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010.06.16 20:06:30 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010.06.16 20:06:18 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010.06.16 20:06:17 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010.06.16 20:06:02 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010.06.16 20:05:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\PC Tools
[2010.06.16 20:05:44 | 000,000,000 | ---D | C] -- C:\Programme\Spyware Doctor
[2010.06.16 20:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\PC Tools
[2010.06.16 20:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
[2010.06.16 20:05:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.06.16 09:04:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.06.12 01:33:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Facebook
[2010.06.12 00:38:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1
[2010.06.12 00:36:20 | 000,000,000 | ---D | C] -- C:\Programme\Vimeo Uploader
[2010.06.11 20:17:11 | 000,000,000 | ---D | C] -- C:\Programme\DVDx
[2010.06.10 13:35:23 | 000,126,976 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll
[2010.06.08 09:46:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Flyer Hall11
[2010.05.28 19:50:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Brother
[2010.05.27 08:50:55 | 000,000,000 | ---D | C] -- C:\Programme\LGInternetKit
[2010.05.25 22:11:09 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.05.25 22:07:42 | 000,131,072 | ---- | C] (Brother Industries,ltd) -- C:\WINDOWS\System32\bsplmf01.exe
[2010.05.25 22:07:41 | 000,258,048 | ---- | C] (Brother Industries, Ltd) -- C:\WINDOWS\System32\bsplmf01.dll
[2010.05.25 22:07:41 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04a.dll
[2010.05.25 22:07:41 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brsvc01a.exe
[2010.05.25 22:07:41 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brss01a.exe
[2010.05.25 22:07:41 | 000,037,376 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04a.dll
[2010.05.25 22:07:40 | 000,065,536 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\Brmfrmps.exe
[2010.05.25 22:07:40 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010.05.25 22:07:40 | 000,015,263 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2010.05.25 22:07:33 | 000,176,128 | ---- | C] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[2010.05.25 22:07:33 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2010.05.25 22:07:33 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\Brwebup.exe
[2010.05.25 22:07:32 | 000,000,000 | ---D | C] -- C:\Programme\Brother
[2010.05.25 22:07:31 | 000,000,000 | ---D | C] -- C:\Brother
[2010.05.25 22:07:29 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010.05.25 21:57:38 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ScanSoft Shared
[2010.05.25 21:57:28 | 000,000,000 | ---D | C] -- C:\Programme\ScanSoft
[2010.05.25 21:57:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2010.05.25 21:56:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Brother
[2010.05.24 12:07:35 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2010.05.24 02:25:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.05.24 02:25:38 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.24 02:25:37 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.24 02:25:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.24 02:25:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.18 22:43:54 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.05.18 22:43:50 | 000,016,896 | ---- | C] (Danish Wireless Design A/S) -- C:\WINDOWS\System32\drivers\FlashUsb.sys
[2010.05.18 22:43:50 | 000,000,000 | ---D | C] -- C:\Programme\infineon
[2010.05.18 22:43:20 | 000,000,000 | ---D | C] -- C:\GD510
[2010.05.18 22:42:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2010.05.18 22:41:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2010.05.18 22:37:23 | 000,258,048 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\esn.dll
[2010.05.18 22:37:23 | 000,180,224 | ---- | C] (LG Electronics) -- C:\WINDOWS\AuthDll.dll
[2010.05.18 22:37:23 | 000,090,112 | ---- | C] (LG Electronics) -- C:\WINDOWS\LGMobileDL.dll
[2010.05.18 01:05:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2010.05.18 01:05:17 | 000,000,000 | ---D | C] -- C:\Programme\Norton Security Scan
[2010.05.18 01:05:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2010.05.18 01:05:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0207030.022
[2010.05.18 01:05:10 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller
[2010.05.18 01:05:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2010.05.17 22:02:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2009.07.21 23:49:49 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009.07.21 23:49:49 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2005.06.18 08:04:56 | 000,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.16 20:31:02 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.16 20:06:10 | 000,001,598 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Doctor.lnk
[2010.06.16 19:26:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.16 08:47:03 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.16 08:47:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.16 08:46:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.16 08:46:10 | 016,252,928 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\ntuser.dat
[2010.06.16 08:46:10 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000D-00001102-00000008-10211102}.rfx
[2010.06.16 08:46:10 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000D-00001102-00000008-10211102}.rfx
[2010.06.16 08:46:10 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000D-00001102-00000008-10211102}.rfx
[2010.06.16 08:46:10 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000D-00001102-00000008-10211102}.rfx
[2010.06.16 08:46:10 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000D-00001102-00000008-10211102}.rfx
[2010.06.16 08:46:10 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.06.16 08:46:10 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010.06.16 08:46:01 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Kai\ntuser.ini
[2010.06.16 08:31:18 | 000,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.06.16 08:31:18 | 000,045,400 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.06.16 08:31:18 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.06.15 09:28:48 | 000,039,202 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0628.jpg
[2010.06.15 09:28:39 | 000,037,594 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0627.jpg
[2010.06.15 09:28:29 | 000,038,333 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0626.jpg
[2010.06.15 09:26:58 | 000,035,242 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0573.jpg
[2010.06.12 00:36:22 | 000,000,681 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Vimeo Uploader.lnk
[2010.06.12 00:34:14 | 000,165,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 22:19:12 | 000,261,004 | -H-- | M] () -- C:\Dokumente und Einstellungen\Kai\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.06.11 22:14:04 | 000,112,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Kai_Matthias.jpg
[2010.06.11 21:36:22 | 457,477,076 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\flohinke.mpg
[2010.06.11 20:17:17 | 000,000,609 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\DVDx.lnk
[2010.06.11 09:34:52 | 000,016,554 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\flo.gif
[2010.06.10 18:16:43 | 000,134,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\profile.php
[2010.06.10 13:53:09 | 000,000,468 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010.06.10 13:41:50 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.10 13:36:53 | 000,001,703 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk
[2010.06.10 13:36:26 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2010.06.10 01:15:31 | 000,046,592 | ---- | M] () -- C:\WINDOWS\System32\chknsmui.dll
[2010.06.09 22:38:27 | 064,862,820 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\mark_line.avi
[2010.06.08 04:16:01 | 000,763,832 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
[2010.06.08 02:21:02 | 001,652,664 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010.06.05 20:08:26 | 000,000,454 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Kai.job
[2010.06.05 01:36:41 | 000,064,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Pic-20100605-001.jpg
[2010.05.30 22:07:30 | 000,049,870 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\jenn2.jpg
[2010.05.30 22:04:34 | 000,021,387 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Desktop\jenn.jpg
[2010.05.26 23:54:13 | 000,384,582 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\P1010053.JPG
[2010.05.26 23:50:45 | 001,109,406 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\000_0007.JPG
[2010.05.26 19:35:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.05.25 22:11:37 | 000,000,030 | ---- | M] () -- C:\WINDOWS\System32\brss01a.ini
[2010.05.25 22:11:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010.05.25 22:11:36 | 000,000,184 | ---- | M] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010.05.25 21:44:10 | 001,080,330 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.25 21:44:10 | 000,462,770 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.05.25 21:44:10 | 000,444,528 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.25 21:44:10 | 000,085,704 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.05.25 21:44:10 | 000,072,152 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.24 12:07:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.05.24 12:07:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.05.19 20:58:48 | 000,001,319 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.19 20:58:48 | 000,000,253 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.18 22:45:07 | 000,002,413 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.05.18 01:05:24 | 000,000,962 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Security Scan.lnk
[2010.05.18 01:05:17 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.16 20:08:30 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010.06.16 20:08:30 | 000,763,832 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010.06.16 20:08:28 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010.06.16 20:08:28 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010.06.16 20:08:28 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010.06.16 20:08:27 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010.06.16 20:06:30 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010.06.16 20:06:18 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010.06.16 20:06:18 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010.06.16 20:06:10 | 000,001,598 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Doctor.lnk
[2010.06.16 20:06:02 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010.06.15 09:28:48 | 000,039,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0628.jpg
[2010.06.15 09:28:39 | 000,037,594 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0627.jpg
[2010.06.15 09:28:28 | 000,038,333 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0626.jpg
[2010.06.15 09:26:56 | 000,035,242 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\img_0573.jpg
[2010.06.12 00:36:22 | 000,000,681 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Vimeo Uploader.lnk
[2010.06.11 22:14:02 | 000,112,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Kai_Matthias.jpg
[2010.06.11 20:29:38 | 457,477,076 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\flohinke.mpg
[2010.06.11 20:17:17 | 000,000,609 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\DVDx.lnk
[2010.06.11 09:34:52 | 000,016,554 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\flo.gif
[2010.06.10 18:16:40 | 000,134,937 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\profile.php
[2010.06.10 13:35:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010.06.10 01:15:31 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\chknsmui.dll
[2010.06.09 22:41:26 | 064,862,820 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\mark_line.avi
[2010.06.05 01:36:41 | 000,064,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\Pic-20100605-001.jpg
[2010.05.30 22:07:28 | 000,049,870 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\jenn2.jpg
[2010.05.30 22:04:32 | 000,021,387 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Desktop\jenn.jpg
[2010.05.26 23:57:42 | 000,384,325 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\P1010055.JPG
[2010.05.26 23:57:35 | 000,374,314 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\P1010054.JPG
[2010.05.26 23:54:01 | 000,384,582 | ---- | C] () -- C:\Dokumente und Einstellungen\Kai\Eigene Dateien\P1010053.JPG
[2010.05.26 19:35:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2010.05.25 22:12:16 | 000,001,703 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk
[2010.05.25 22:11:37 | 000,000,468 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.05.25 22:11:37 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010.05.25 22:11:37 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.05.25 22:11:36 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010.05.25 22:08:28 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2010.05.25 22:07:31 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp
[2010.05.25 21:58:18 | 000,027,114 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010.05.24 12:07:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.05.24 12:07:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.05.18 22:42:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2010.05.18 22:42:01 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.05.18 22:37:23 | 000,221,291 | ---- | C] () -- C:\WINDOWS\Imei_dll.dll
[2010.05.18 22:37:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\Sublock.dll
[2010.05.18 01:05:30 | 000,000,454 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for Kai.job
[2010.05.18 01:05:24 | 000,000,962 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Security Scan.lnk
[2010.05.18 01:05:17 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2009.07.21 23:49:49 | 000,015,478 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009.07.14 20:05:29 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2008.03.25 23:36:27 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2008.03.05 12:56:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008.01.18 02:37:47 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\realbap1.dll
[2007.10.23 20:08:06 | 000,003,404 | ---- | C] () -- C:\WINDOWS\tm.ini
[2006.11.04 13:21:18 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006.11.04 13:21:18 | 000,006,565 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006.11.04 13:21:18 | 000,005,826 | R--- | C] () -- C:\WINDOWS\GenAmvTool.INI
[2006.11.04 13:21:18 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2006.10.05 00:49:44 | 000,003,677 | ---- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006.08.27 20:07:46 | 000,000,298 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.01.24 22:05:56 | 000,050,410 | ---- | C] () -- C:\WINDOWS\System32\e10kxwdm.ini
[2006.01.24 01:19:22 | 000,000,072 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2006.01.23 20:20:44 | 000,000,193 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005.12.08 13:24:52 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2005.09.27 12:43:59 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005.06.16 19:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2005.03.11 22:13:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\HKLock.dll
[2005.03.11 22:13:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\HKLock.dll
[2005.03.01 01:16:26 | 000,000,199 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.02.28 20:41:03 | 000,008,192 | ---- | C] () -- C:\WINDOWS\suecmdial.dll
[2005.02.28 19:54:39 | 000,042,990 | ---- | C] () -- C:\WINDOWS\System32\pddsladp.dll
[2004.11.05 14:28:59 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.10.18 00:14:56 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004.08.20 00:19:57 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2004.08.20 00:19:57 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2004.08.20 00:19:57 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2004.08.17 23:41:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\dhp2.dll
[2004.07.28 14:40:03 | 000,000,327 | ---- | C] () -- C:\WINDOWS\alchem.ini
[2004.07.28 12:30:59 | 000,000,045 | ---- | C] () -- C:\WINDOWS\IHKJKIPP.ini
[2004.05.24 00:53:33 | 000,000,090 | ---- | C] () -- C:\WINDOWS\CAIRN.INI
[2004.04.12 12:30:35 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004.04.12 12:30:08 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004.01.28 19:29:39 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll
[2004.01.28 19:20:29 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2004.01.28 19:20:29 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2004.01.28 19:20:24 | 001,483,776 | ---- | C] () -- C:\WINDOWS\MGXRDR32.DLL
[2004.01.27 19:18:25 | 000,000,486 | ---- | C] () -- C:\WINDOWS\pcvideo.ini
[2004.01.27 19:18:24 | 000,012,026 | ---- | C] () -- C:\WINDOWS\Wintvstr.ini
[2004.01.27 19:18:12 | 000,004,159 | ---- | C] () -- C:\WINDOWS\setupwtv.ini
[2004.01.27 13:33:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\videodeLuxe.INI
[2004.01.27 13:31:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MTRV32.DLL
[2004.01.27 13:31:50 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\MTRA32.DLL
[2004.01.27 13:31:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\MPEG2MUX.DLL
[2004.01.27 13:31:50 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\MPEGDMX.DLL
[2004.01.27 13:29:40 | 000,000,172 | ---- | C] () -- C:\WINDOWS\magix.ini
[2004.01.25 19:17:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004.01.25 19:14:33 | 000,003,289 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004.01.25 19:14:31 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004.01.23 17:02:16 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\xrxscnui.dll
[2004.01.23 16:47:41 | 000,022,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\PPSIO2.SYS
[2004.01.23 16:46:17 | 000,000,078 | ---- | C] () -- C:\WINDOWS\psuite.ini
[2004.01.23 16:40:03 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS58.DLL
[2004.01.23 16:00:23 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003.08.14 13:17:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\btsendto_ie.dll
[2003.08.14 13:16:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\btsendto_wab.dll
[2003.08.14 12:50:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2003.08.14 12:37:14 | 000,022,183 | ---- | C] () -- C:\WINDOWS\System32\drivers\btserial.sys
[2003.06.03 04:31:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.03.24 10:38:10 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btrez.dll
[2003.03.21 18:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.09.15 17:20:27 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[2002.05.15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2002.03.04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001.11.23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000.11.29 10:50:40 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll

========== LOP Check ==========

[2010.06.16 19:32:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2010.04.09 20:07:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2010.03.30 23:54:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.02.05 22:06:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IsolatedStorage
[2010.05.18 22:42:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2006.11.08 17:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2009.09.13 17:00:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010.05.25 21:57:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2008.02.06 01:20:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2009.05.20 01:03:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
[2006.11.18 18:10:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca
[2010.06.16 20:51:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2005.03.15 23:09:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2009.04.25 00:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006.04.19 00:33:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\.BitTornado
[2006.04.10 11:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\.bittorrent
[2010.02.16 00:50:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\AnvSoft
[2006.04.17 13:54:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Azureus
[2010.04.10 08:20:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\com.allergie.pollenflug.3050FB5128FEC1DEC54E712B37D3D876472C4367.1
[2010.04.09 20:08:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\elsterformular
[2010.06.12 01:33:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Facebook
[2008.03.28 01:36:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\FileZilla
[2009.02.24 00:46:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Free Audio Editor
[2005.03.01 00:39:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\FRITZ!
[2010.06.15 20:01:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQ
[2006.09.15 19:34:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQ Toolbar
[2006.09.15 19:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQLite
[2006.10.17 00:48:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Leadertech
[2010.05.17 20:12:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\LG Electronics
[2009.05.20 01:03:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Sony
[2009.05.21 11:04:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Teleca
[2008.04.15 21:02:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend
[2005.03.15 23:10:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\TuneUp Software
[2010.06.12 00:38:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1
[2010.04.26 23:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\WMPlayer
[2004.01.23 17:02:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Xerox
[2010.05.17 20:12:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2010.04.16 17:15:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2007.02.09 22:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2006.04.19 00:33:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\.BitTornado
[2006.04.10 11:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\.bittorrent
[2010.04.10 08:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Adobe
[2008.03.14 02:30:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\AdobeUM
[2005.05.16 18:37:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Ahead
[2010.02.16 00:50:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\AnvSoft
[2010.02.12 23:54:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Apple Computer
[2006.04.17 13:54:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Azureus
[2010.05.28 19:50:01 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Brother
[2010.04.10 08:20:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\com.allergie.pollenflug.3050FB5128FEC1DEC54E712B37D3D876472C4367.1
[2004.03.30 19:25:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Corel
[2006.01.24 22:06:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Creative
[2004.11.05 23:12:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\CyberLink
[2006.12.14 11:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\DivX
[2010.04.09 20:08:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\elsterformular
[2010.06.12 01:33:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Facebook
[2008.03.28 01:36:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\FileZilla
[2009.02.24 00:46:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Free Audio Editor
[2005.03.01 00:39:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\FRITZ!
[2007.01.24 02:57:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Google
[2004.01.25 19:13:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Help
[2010.06.15 20:01:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQ
[2006.09.15 19:34:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQ Toolbar
[2006.09.15 19:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\ICQLite
[2004.01.23 15:48:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Identities
[2009.07.21 23:47:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\InstallShield
[2005.01.06 15:39:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Lavasoft
[2006.10.17 00:48:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Leadertech
[2010.05.17 20:12:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\LG Electronics
[2006.08.22 22:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Macromedia
[2008.02.10 00:00:13 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Microsoft
[2008.08.28 20:38:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Mozilla
[2007.02.09 22:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\MySpace
[2010.06.16 20:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\PC Tools
[2008.04.22 21:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Real
[2010.06.16 20:52:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Skype
[2010.06.16 16:09:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\skypePM
[2009.05.20 01:03:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Sony
[2009.05.20 00:41:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Sony Ericsson
[2005.02.12 21:04:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Sun
[2004.03.08 19:38:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Symantec
[2009.05.21 11:04:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Teleca
[2008.04.15 21:02:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend
[2005.03.15 23:10:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\TuneUp Software
[2009.07.20 20:01:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\U3
[2010.06.12 00:38:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1
[2010.06.12 00:35:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\vlc
[2010.04.26 23:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\WMPlayer
[2004.01.23 17:02:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Xerox
[2010.05.17 20:12:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\{D94BA408-F110-488B-A65E-3AE7945F79E6}

< %APPDATA%\*.exe /s >
[2007.06.02 00:02:10 | 023,813,608 | ---- | M] ( ) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Adobe\Acrobat\7.0\Updater\AdbeRdr709_de_DE.exe
[2010.06.12 01:33:25 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Facebook\uninstall.exe
[2010.02.20 01:05:08 | 000,024,576 | ---- | M] ((주)테크노니아) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2010.06.12 00:32:49 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.05.28 00:39:32 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Microsoft\Installer\{127445D6-69BE-4B19-8789-09E9C8AA94AD}\_5C9C75A4B7CEEB6E3A8FC5.exe
[2009.05.28 00:39:32 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Microsoft\Installer\{127445D6-69BE-4B19-8789-09E9C8AA94AD}\_B645C968FFBF825F31113A.exe
[2009.05.28 00:39:32 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Microsoft\Installer\{127445D6-69BE-4B19-8789-09E9C8AA94AD}\_D0981EFB79FE0759A23E41.exe
[2007.05.08 19:30:35 | 003,343,200 | ---- | M] (MySpace Inc.) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\MySpace\IM\Install\MSIMClientSetup.1.0.673.0-static.exe
[2010.06.03 22:10:32 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Real\Update\setup3.10\setup.exe
[2007.06.29 15:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend\JFSW2\IoctlSvc.exe
[2008.04.02 13:28:20 | 000,045,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend\JFSW2\JFSW2Launch.exe
[2008.04.02 13:27:08 | 000,018,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\Transcend\JFSW2\PLIoctlInstaller.exe
[2006.05.24 14:36:46 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\U3\0E8079612231289A\cleanup.exe
[2006.08.22 17:38:32 | 002,600,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\U3\0E8079612231289A\Launchpad.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\Kai\Anwendungsdaten\U3\temp\Launchpad Removal.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004.12.27 20:18:37 | 022,286,026 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.12.27 20:18:37 | 022,286,026 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.08.29 03:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.12.27 20:18:37 | 022,286,026 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.12.27 20:18:37 | 022,286,026 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004.08.04 09:57:18 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.04 09:57:18 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\system32\eventlog.dll
[2002.08.29 03:43:22 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=B9358A1FB66CF656328FD8B792B2CCC4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2002.08.29 03:43:26 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=BCA549B21E651111CE7BAD0FC8C45F4B -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.04 09:57:30 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.04 09:57:30 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 09:57:33 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.04 09:57:33 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\system32\scecli.dll
[2002.08.29 03:43:30 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=ADD49C10F5DADFA81912D124FE1C9A99 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: USERINIT.EXE >
[2002.08.29 03:43:42 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=BEBD3F08461F9A88E5ABCE0CB9707000 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.04 09:58:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.04 09:58:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WS2IFSL.SYS >
[2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.01.23 16:03:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.01.23 16:03:46 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.01.23 16:03:45 | 000,393,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
< End of report >

KaiGeorgiadi 17.06.2010 00:56
Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4207

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

17.06.2010 01:50:18
mbam-log-2010-06-17 (01-50-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Durchsuchte Objekte: 329720
Laufzeit: 3 Stunde(n), 25 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> No action taken.


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:05 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19