Trojaneroper | 16.07.2010 23:25 | OK, maybe I really am being overly cautious here.
I also ran Malwarebytes' Anti-Malware, which found one infected registry key: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDORSYS (Malware.Trace)". I removed it, and so far it has not reappeared.
So here are my OTL logs after all: (I only took the liberty of removing, from the list of recently created files, all audio and video files that I had created in the last 30 days.)
OTL Logfile: Code:
OTL logfile created on: 16.07.2010 23:46:10 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = c:\incoming
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: deu | Date Format: dd.MM.yyyy
768,00 Mb Total Physical Memory | 409,00 Mb Available Physical Memory | 53,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): D:\pagefile.sys 777 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 9,29 Gb Total Space | 4,12 Gb Free Space | 44,33% Space Free | Partition Type: FAT32
Drive D: | 232,88 Gb Total Space | 2,56 Gb Free Space | 1,10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 931,51 Gb Total Space | 182,02 Gb Free Space | 19,54% Space Free | Partition Type: NTFS
Drive J: | 1397,26 Gb Total Space | 407,13 Gb Free Space | 29,14% Space Free | Partition Type: NTFS
Computer Name: MeinComputername
Current User Name: MeinName
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - c:\incoming\OTL.exe (OldTimer Tools)
PRC - D:\APP\Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\APP\Klbezttl\klebez.exe (Hollie-Soft)
PRC - D:\APP\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\WINDOWS\SYSTEM32\bgsvcgen.exe (SOURCENEXT)
PRC - D:\APP\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\APP\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\APP\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - D:\APP\SgteMngr\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - D:\APP\TT\Mmm.exe ()
PRC - D:\APP\Nero_8\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
PRC - D:\APP\Nero_8\Nero\Nero8\InCD\NBHRegInCDSrv.exe (Nero AG)
PRC - D:\APP\Nero_8\Nero\Nero8\InCD\InCDsrv.exe (Nero AG)
PRC - D:\APP\Nero_8\Nero\Nero8\InCD\InCD.exe (Nero AG)
PRC - D:\APP\TotalCmd\totalcmd.exe (C. Ghisler & Co.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - d:\APP\xampp\apache\bin\apache.exe (Apache Software Foundation)
PRC - D:\APP\xampp\apache\bin\apache.exe (Apache Software Foundation)
PRC - D:\APP\DaemonTl\daemon.exe (DT Soft Ltd.)
PRC - C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
========== Modules (SafeList) ==========
MOD - c:\incoming\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\SYSTEM32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\WMPNetwk.exe File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AntiVirService) -- D:\APP\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (bgsvcgen) -- C:\WINDOWS\System32\bgsvcgen.exe (SOURCENEXT)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (AntiVirSchedulerService) -- D:\APP\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FreeAgentGoNext Service) -- D:\APP\SgteMngr\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (NeroRegInCDSrv) -- D:\APP\Nero_8\Nero\Nero8\InCD\NBHRegInCDSrv.exe (Nero AG)
SRV - (InCDsrv) -- D:\APP\Nero_8\Nero\Nero8\InCD\InCDsrv.exe (Nero AG)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (Apache2.2) -- d:\app\xampp\apache\bin\apache.exe (Apache Software Foundation)
========== Driver Services (SafeList) ==========
DRV - (nfvtmpua) -- C:\WINDOWS\System32\drivers\ungq.sys File not found
DRV - (CrystalSysInfo) -- D:\APP\MediaCdr\SysInfo.sys File not found
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (avipbb) -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- D:\APP\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (incdrm) -- C:\WINDOWS\SYSTEM32\DRIVERS\InCDRm.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\SYSTEM32\DRIVERS\InCDPass.sys (Nero AG)
DRV - (InCDfs) -- C:\WINDOWS\SYSTEM32\DRIVERS\InCDfs.sys (Nero AG)
DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ElbyCDIO) -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (ElbyDelay) -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (PDNMp50) -- C:\WINDOWS\SYSTEM32\DRIVERS\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\WINDOWS\SYSTEM32\DRIVERS\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pfc) -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys (Padus, Inc.)
DRV - (ntgrip) -- C:\WINDOWS\SYSTEM32\DRIVERS\ntgrip.sys (Kensington Technology Group)
DRV - (es1371) Creative AudioPCI (ES1371,ES1373) (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\es1371mp.sys (Creative Technology Ltd.)
DRV - (DM9102) DAVICOM 9102(A) -- C:\WINDOWS\SYSTEM32\DRIVERS\DM9PCI5.SYS (CNet Technology, Inc. )
DRV - (ScFBPNT3) -- C:\WINDOWS\SYSTEM32\DRIVERS\ScFBPNT3.sys ()
DRV - (Aspi32) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/service/redir/ie_t-online.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/service/redir/ie_t-online.htm
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/service/redir/ie_t-online.htm
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/service/redir/ie_t-online.htm
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
IE - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.1.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: D:\APP\Firefox\components [2010.06.29 23:40:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: D:\APP\Firefox\plugins [2010.06.27 23:17:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: D:\APP\ThndrBrd\components [2010.03.18 00:23:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: D:\APP\ThndrBrd\plugins [2009.02.06 00:02:16 | 000,000,000 | ---D | M]
[2009.01.19 19:44:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Extensions
[2009.03.15 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2007.08.01 17:12:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions
[2010.01.23 15:08:26 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2010.07.13 21:11:40 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010.01.23 15:06:28 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.06.29 23:36:46 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.07.13 19:50:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.06.15 23:31:30 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.05.06 21:36:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\firebug@software.joehewitt.com
[2009.06.30 23:06:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\moveplayer@movenetworks.com
[2008.06.04 23:04:32 | 000,001,097 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\searchplugins\leo.xml
[2007.11.05 21:59:26 | 000,001,071 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\searchplugins\wiktionary-deutsch.xml
[2009.11.26 22:25:12 | 000,002,321 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\searchplugins\forestle-de.xml
[2010.07.12 21:25:50 | 000,002,326 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\searchplugins\encyclopaedia-metallum-bands.xml
[2007.12.20 20:56:14 | 000,002,109 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\searchplugins\youtube-video-search.xml
O1 HOSTS File: ([2001.08.18 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avgnt] D:\APP\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [InCD] D:\APP\Nero_8\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SecurDisc] D:\APP\Nero_8\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\SYSTEM32\ctfmon.exe (Gerhard Schlager)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\SYSTEM32\ctfmon.exe (Gerhard Schlager)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\SYSTEM32\ctfmon.exe (Gerhard Schlager)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\SYSTEM32\ctfmon.exe (Gerhard Schlager)
O4 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003..\Run: [BioniXWallpaper] D:\APP\BioniXWP\Bionix Wallpaper 5beta.exe (CubicDesign)
O4 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003..\Run: [DAEMON Tools] d:\app\DaemonTl\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003..\Run: [Klebezettel NG] D:\APP\Klbezttl\klebez.exe (Hollie-Soft)
O4 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003..\Run: [Mmm] D:\app\tt\Mmm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\APP\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\APP\ICQ6\ICQ.exe (ICQ, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38598.2269560185 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: D:\APP\BioniXWP\\BioniXWallpaper.bmp
O24 - Desktop BackupWallPaper: D:\APP\BioniXWP\\BioniXWallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.08.02 22:26:54 | 000,000,297 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010.04.10 03:23:54 | 000,000,000 | ---- | M] () - I:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.02.17 12:55:55 | 000,000,000 | RH-D | M] - J:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.16 14:56:50 | 000,000,036 | RH-- | M] () - J:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "iPod Service"
MsConfig - Services: "ImapiService"
MsConfig - StartUpReg: BitTorrent DNA - hkey= - key= - C:\Programme\DNA\btdna.exe File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: {E6B72AD5-D2E2-4288-6398-30747AABF0F7} - hkey= - key= - C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Geut\axoq.exe File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - IEJAVA
ActiveX: {09d5bfa0-7d82-11d3-a7ad-0000f804e326} - Windows 98 Second Edition Q243450 Update
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {10303d00-16dc-11d4-a58a-00902766e933} - Windows 98 Second Edition Q260067 Update
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe"
ActiveX: {10e93000-e548-11d3-9741-00500483cae0} - Windows 98 Second Edition Q242975 Update
ActiveX: {14e380f0-c285-4faf-bbd9-29efec36d1af} - Windows 98 Q323172 Update
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {280ad020-daec-11d2-83c7-0000f8051539} - Mobile Prozessor - Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {34718640-ecfa-11d2-b5da-00a0c90833e8} - Windows 98 Zweite Ausgabe
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C30259F-BF13-49d0-B002-19EBFC785800} - Windows 98 Q323255 Update
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}.Restore - rundll32.exe advpack.dll,UserUnInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015D} - DirectX Layer
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47f67d00-9e55-11d1-baef-00c04fc2d130} - AOL-Unterstützungsdateien
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {50daafc0-e217-11d2-83c7-0000f8051539} - Fortgesetztes Ausführen von Windows
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - Internet Connection Wizard
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {76C19B50-F0C8-11cf-87CC-0020AFEECF20} - Automatische Sprachauswahl
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {893c7200-9dd-11d2-b0d6-00c04f777f0c} - Microsoft Bibliotheken - Update
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9a2e4ab0-9a7e-11d2-9da1-00c04f98bbc9} - Windows Media Player-Codecs
ActiveX: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} - C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {b59c7da0-daea-11d2-83c7-0000f8051539} - Registrier-Assistent - Update
ActiveX: {B9A1063C-F9CC-11D1-8E01-0020AFE53FCF} - Aktive Eingabehilfe - Update
ActiveX: {C6EE82B1-BF65-4e0a-912E-A7B3BBA31F51} - Windows 98 Q811630 Update
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CA0A4247-44BE-11d1-A005-00805F8ABE06} - RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5925FA0-73D1-11D2-BCC5-0000F83002C6} - Windows 98 Jahr-2000-Update
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F4AD3F2B-D0F4-4D88-AA7D-583B66E695EE} - q240308
ActiveX: {F94C2DA4-708E-11d3-AFB2-00C04F6814C4} - OLE-Automatisierung
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: MmoptPreferredAudioDevices - Windows Setup - Multimedia
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\LHACM.ACM (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dmb1 - C:\WINDOWS\System32\MCMJPG32.DLL (MainConcept)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\MCMJPG32.DLL (MainConcept)
Drivers32: VIDC.VDOM - vdowave.drv File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 30 Days ==========
[2010.07.16 22:14:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MeinName\Recent
[2010.07.16 19:51:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Malwarebytes
[2010.07.16 19:51:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.16 19:51:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.07.16 19:51:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.15 21:58:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Local Settings\Anwendungsdaten\PCHealth
[2010.07.15 21:54:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\MeinName\IETldCache
[2010.07.15 21:22:53 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010.07.15 21:15:49 | 001,851,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010.07.15 21:11:26 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010.07.15 21:05:39 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2010.07.15 20:59:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2010.07.15 20:57:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010.07.15 20:53:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2010.07.15 20:53:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2010.07.15 20:52:22 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2010.07.15 20:44:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2010.07.15 20:42:59 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2010.07.15 20:42:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2010.07.15 20:41:04 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsvc2.dll
[2010.07.15 20:33:11 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2010.07.15 20:30:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2010.07.15 20:27:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010.07.15 20:27:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010.07.15 20:26:17 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010.07.15 20:25:16 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2010.07.15 20:24:25 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010.07.15 20:23:24 | 001,063,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2010.07.15 20:23:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2010.07.15 20:22:27 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2010.07.15 20:21:00 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.07.15 20:20:59 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.07.15 20:20:59 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010.07.15 20:19:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010.07.15 20:19:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010.07.15 20:19:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2010.07.15 20:17:41 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010.07.15 20:15:43 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2010.07.15 20:12:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010.07.15 20:10:49 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll
[2010.07.15 20:08:30 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2010.07.15 20:06:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2010.07.15 20:04:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010.07.15 20:04:50 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010.07.15 20:04:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010.07.15 20:00:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.07.04 19:19:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.07.04 19:19:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.16 23:28:38 | 000,003,346 | ---- | M] () -- C:\WINDOWS\System32\notepad.ini
[2010.07.16 22:04:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.16 21:58:34 | 004,456,448 | -H-- | M] () -- C:\Dokumente und Einstellungen\MeinName\NTUSER.DAT
[2010.07.16 21:58:34 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\MeinName\ntuser.ini
[2010.07.15 21:58:54 | 000,933,018 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.07.15 21:58:54 | 000,404,368 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.07.15 21:58:54 | 000,390,910 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.07.15 21:58:54 | 000,069,848 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.07.15 21:58:54 | 000,057,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.07.15 21:53:50 | 000,323,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.14 00:41:38 | 004,802,642 | -H-- | M] () -- C:\WINDOWS\Local Settings\Anwendungsdaten\IconCache.db
[2010.07.14 00:41:06 | 000,001,770 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.14 00:41:06 | 000,000,698 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.14 00:41:06 | 000,000,217 | RHS- | M] () -- C:\boot.ini
[2010.07.12 21:05:44 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.10 00:15:34 | 000,024,327 | -H-- | M] () -- C:\treeinfo.wc
[2010.07.04 23:50:22 | 000,004,096 | RH-- | M] () -- C:\Dokumente und Einstellungen\MeinName\Recent.000
[2010.07.03 01:44:10 | 000,027,648 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Geburtstage.doc
[2010.06.24 21:17:28 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.04 23:50:20 | 000,004,096 | RH-- | C] () -- C:\Dokumente und Einstellungen\MeinName\Recent.000
[2010.04.01 01:03:42 | 000,005,323 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.04.01 01:03:42 | 000,000,346 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.04.01 01:03:42 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.04.01 01:03:42 | 000,000,107 | ---- | C] () -- C:\WINDOWS\VobEdit.INI
[2010.04.01 01:03:42 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2010.04.01 01:03:42 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WinFight.ini
[2010.04.01 01:03:42 | 000,000,070 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2010.04.01 01:03:42 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2010.04.01 01:03:26 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2010.04.01 01:01:09 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.04.01 01:01:09 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2010.04.01 01:01:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010.04.01 01:01:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010.04.01 00:45:44 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.04.01 00:45:44 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010.04.01 00:45:44 | 000,777,728 | ---- | C] () -- C:\WINDOWS\System32\Sslsvc.dll
[2010.04.01 00:45:44 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.04.01 00:45:44 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010.04.01 00:45:44 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2010.04.01 00:45:44 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010.04.01 00:45:44 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2010.04.01 00:45:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[2010.04.01 00:45:44 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010.04.01 00:45:44 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2010.04.01 00:45:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[2010.04.01 00:45:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\gpvbd.dll
[2010.04.01 00:45:44 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\grvaware.dll
[2010.04.01 00:45:44 | 000,024,744 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.04.01 00:45:44 | 000,020,016 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.04.01 00:45:44 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.04.01 00:45:44 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2010.04.01 00:45:03 | 000,016,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT3.sys
[2010.04.01 00:44:40 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dprsx.dll
[2010.04.01 00:44:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2010.04.01 00:44:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2010.04.01 00:39:45 | 001,090,048 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2010.04.01 00:39:45 | 000,969,728 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2010.04.01 00:39:45 | 000,383,488 | ---- | C] () -- C:\WINDOWS\System32\cygfreetype-6.dll
[2010.04.01 00:39:45 | 000,235,520 | ---- | C] () -- C:\WINDOWS\System32\cygpng12.dll
[2010.04.01 00:39:45 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2010.04.01 00:39:45 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.04.01 00:39:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2010.04.01 00:39:45 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\cygintl-3.dll
[2010.04.01 00:39:45 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010.04.01 00:39:45 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\AuthDVD.DLL
[2010.04.01 00:39:45 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010.04.01 00:39:45 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010.04.01 00:39:45 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2010.04.01 00:39:45 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\5BAA12DBE3.sys
[2010.04.01 00:39:21 | 000,000,876 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2010.04.01 00:39:21 | 000,000,660 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2010.04.01 00:39:21 | 000,000,402 | ---- | C] () -- C:\WINDOWS\sierra.ini
[2010.04.01 00:39:21 | 000,000,262 | ---- | C] () -- C:\WINDOWS\SlideShow.ini
[2010.04.01 00:39:21 | 000,000,243 | ---- | C] () -- C:\WINDOWS\sripper.ini
[2010.04.01 00:39:21 | 000,000,050 | ---- | C] () -- C:\WINDOWS\STREAMRIPPER32.INI
[2010.04.01 00:34:48 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2010.04.01 00:34:29 | 000,002,533 | ---- | C] () -- C:\WINDOWS\PWRPLAY.INI
[2010.04.01 00:34:29 | 000,000,268 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2010.04.01 00:34:29 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2010.04.01 00:34:29 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2010.04.01 00:34:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QLAUNCH.INI
[2010.04.01 00:34:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[2010.04.01 00:33:33 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2010.04.01 00:33:33 | 000,001,300 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.04.01 00:33:33 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2010.04.01 00:33:33 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSDOS.SYS
[2010.04.01 00:33:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2010.04.01 00:31:43 | 000,129,078 | ---- | C] () -- C:\WINDOWS\LOGOW.SYS
[2010.04.01 00:31:43 | 000,003,037 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2010.04.01 00:31:43 | 000,000,133 | ---- | C] () -- C:\WINDOWS\lsplugin.ini
[2010.04.01 00:30:16 | 000,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2010.04.01 00:24:52 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2010.04.01 00:23:16 | 000,007,814 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2010.04.01 00:23:16 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2010.04.01 00:23:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HOMEDVD-FILME5.INI
[2010.04.01 00:19:25 | 000,000,149 | ---- | C] () -- C:\WINDOWS\Fish!.ini
[2010.04.01 00:19:25 | 000,000,094 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2010.04.01 00:19:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Editor.INI
[2010.04.01 00:18:32 | 000,005,120 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2010.04.01 00:18:32 | 000,000,955 | ---- | C] () -- C:\WINDOWS\CTREBOOT.INI
[2010.04.01 00:18:32 | 000,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2010.04.01 00:18:32 | 000,000,131 | ---- | C] () -- C:\WINDOWS\chess.ini
[2010.04.01 00:18:32 | 000,000,028 | ---- | C] () -- C:\WINDOWS\boxworld.ini
[2009.01.26 21:07:06 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\notepad.ini
[2007.08.30 17:34:42 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007.08.10 18:51:06 | 000,682,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.08.01 17:12:57 | 000,000,118 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
========== LOP Check ==========
[2007.08.01 17:12:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PGP Corporation
[2008.07.28 19:53:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2009.01.22 20:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Seagate
[2010.02.04 21:42:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2009.05.11 20:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\.freeciv
[2009.06.01 19:19:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Amazon
[2007.08.01 17:12:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Thunderbird
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\KlebezettelNG
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WebCompiler2
[2009.11.22 17:31:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Spesoft Audio Converter
[2007.08.12 15:53:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Audacity
[2010.06.16 22:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Foxit Software
[2010.03.01 19:36:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Geut
[2009.07.24 17:03:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Geuha
[2007.11.01 00:03:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Pegasys Inc
[2007.11.03 21:10:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\LEAPS
[2008.01.28 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\BitTorrent
[2008.07.02 21:09:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\ICQ
[2008.07.16 22:56:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\KC Softwares
[2008.09.22 20:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\RidNacs
[2009.01.31 16:30:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Auslogics
[2009.02.10 22:15:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Vso
[2009.02.10 22:16:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\log
[2009.02.28 18:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Canneverbe_Limited
[2009.03.15 18:42:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Broad Intelligence
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2007.08.01 16:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Microsoft
[2009.05.11 20:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\.freeciv
[2007.08.01 17:12:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Sun
[2007.08.01 17:12:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Macromedia
[2009.06.01 19:19:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Amazon
[2007.08.01 17:12:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla
[2007.08.01 17:12:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Thunderbird
[2009.06.30 23:07:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Move Networks
[2009.11.12 20:11:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Nero
[2007.08.01 17:12:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Media Player Classic
[2007.08.01 17:12:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Adobe
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Spybot - Search & Destroy
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\KlebezettelNG
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\DVD Shrink
[2007.08.01 17:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WebCompiler2
[2009.11.22 17:31:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Spesoft Audio Converter
[2007.08.02 23:39:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Talkback
[2010.04.10 01:16:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Avira
[2007.08.10 17:30:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Google
[2007.08.12 15:53:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Audacity
[2007.08.16 17:17:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\DivX
[2007.08.19 12:01:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Apple Computer
[2010.06.16 22:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Foxit Software
[2010.03.01 19:36:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Geut
[2009.07.24 17:03:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Geuha
[2010.07.16 19:51:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Malwarebytes
[2007.10.23 20:18:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Help
[2007.11.01 00:03:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Pegasys Inc
[2007.11.03 21:10:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\LEAPS
[2008.01.28 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\BitTorrent
[2008.07.02 21:09:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\ICQ
[2008.07.16 22:56:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\KC Softwares
[2008.07.17 00:32:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WinRAR
[2008.09.22 20:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\RidNacs
[2008.10.12 20:10:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\dvdcss
[2009.01.31 16:30:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Auslogics
[2009.02.10 22:15:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Vso
[2009.02.10 22:16:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\log
[2009.02.28 18:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Canneverbe_Limited
[2009.03.15 18:42:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Broad Intelligence
[2009.04.17 18:59:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Identities
[2009.04.18 02:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WinAmpPro
[2009.07.30 12:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\vlc
< %APPDATA%\*.exe /s >
[2009.02.10 23:25:20 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\inst.exe
[2009.10.02 21:01:38 | 002,805,308 | ---- | M] (HollieSoft ) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\KlebezettelNG\LiveUpdate\klebe.exe
[2010.03.29 08:53:22 | 000,029,984 | ---- | M] (NOS Microsystems Ltd.) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\uspgxbap.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.04 03:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 03:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\dllcache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.08.29 05:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.04 03:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002.08.29 05:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2004.08.04 03:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SYSTEM32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008.04.14 08:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SYSTEM32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 08:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SYSTEM32\scecli.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SYSTEM32\dllcache\userinit.exe
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SYSTEM32\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2008.01.22 07:02:24 | 000,117,248 | R--- | M] (VIA Technologies inc,.ltd) MD5=3A82A61E312ADDB3BE8F1FE3481842B1 -- C:\WINDOWS\SYSTEM32\DRIVERS\viamraid.sys
< MD5 for: WS2IFSL.SYS >
[2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\SYSTEM32\dllcache\ws2ifsl.sys
[2001.08.18 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\SYSTEM32\DRIVERS\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.08.10 18:51:08 | 000,682,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys
< %systemroot%\System32\config\*.sav >
[2007.08.01 18:56:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\default.sav
[2007.08.01 18:56:04 | 000,634,880 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\software.sav
[2007.08.01 18:56:04 | 000,389,120 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
OTL Logfile: Code:
OTL Extras logfile created on: 16.07.2010 23:46:10 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = c:\incoming
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: deu | Date Format: dd.MM.yyyy
768,00 Mb Total Physical Memory | 409,00 Mb Available Physical Memory | 53,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): D:\pagefile.sys 777 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 9,29 Gb Total Space | 4,12 Gb Free Space | 44,33% Space Free | Partition Type: FAT32
Drive D: | 232,88 Gb Total Space | 2,56 Gb Free Space | 1,10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 931,51 Gb Total Space | 182,02 Gb Free Space | 19,54% Space Free | Partition Type: NTFS
Drive J: | 1397,26 Gb Total Space | 407,13 Gb Free Space | 29,14% Space Free | Partition Type: NTFS
Computer Name: MeinComputername
Current User Name: MeinName
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\APP\Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\notepad.exe ()
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "D:\APP\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\APP\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- notepad.exe %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\app\VLCPlayr\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\app\VLCPlayr\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "d:\APP\WinAmpPro\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "d:\APP\WinAmpPro\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "d:\APP\WinAmpPro\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1412:TCP" = 1412:TCP:*:Enabled:Port
"1412:UDP" = 1412:UDP:*:Enabled:porr
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\APP\eMule+\emule.exe" = D:\APP\eMule+\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"D:\APP\Klbezttl\klebez.exe" = D:\APP\Klbezttl\klebez.exe:*:Enabled:klebez -- (Hollie-Soft)
"D:\APP\PwrDrctr\PowerDirector\PDR.exe" = D:\APP\PwrDrctr\PowerDirector\PDR.exe:*:Enabled:CyberLink PowerDirector -- File not found
"D:\APP\xampp\apache\bin\apache.exe" = D:\APP\xampp\apache\bin\apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"d:\app\BitTornt\bittorrent.exe" = d:\app\BitTornt\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\APP\Zattoo\zattood.exe" = D:\APP\Zattoo\zattood.exe:*:Enabled:zattood -- ()
"D:\APP\Zattoo\Zattoo1.exe" = D:\APP\Zattoo\Zattoo1.exe:*:Enabled: -- ()
"D:\APP\ICQ6\ICQ.exe" = D:\APP\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"D:\Gam\CallDuty\CoDMP.exe" = D:\Gam\CallDuty\CoDMP.exe:*:Enabled:CoDMP -- File not found
"D:\APP\mIRC\mirc.exe" = D:\APP\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Programme\Gemeinsame Dateien\JavaRunt\launch4j-tmp\JDownloader.exe" = C:\Programme\Gemeinsame Dateien\JavaRunt\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\java.exe" = C:\WINDOWS\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\System32\muzapp.exe" = C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player -- File not found
"D:\Gam\FreeCiv\civserver.exe" = D:\Gam\FreeCiv\civserver.exe:*:Enabled:civserver -- ()
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\APP\AudioCnv\SpesoftAudioConverter.exe" = D:\APP\AudioCnv\SpesoftAudioConverter.exe:*:Disabled: -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E719879-9914-4C56-843E-96D0C3FCC3FB}" = Safari
"{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser und SDK
"{485C28E6-7E8C-40E4-BCFE-6E85B1F46D7A}" = TMPGEnc 4.0 XPress
"{4F81901F-3655-4340-8227-F687F69A3C79}}_is1" = Klebezettel NG (Version 2.9.7)
"{511A5609-446A-11D5-9FA6-0060087051D5}" = T-DSL Treiber
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{62EA0FD8-7EDD-4D5E-A519-F96698E01031}" = Nero 8 Essentials
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A1DC8D4-9FA4-43C3-00B3-5993B4BBE7D4}" = FIFA 2003
"{6C5A8BA1-8114-11D5-0090-B800902724B3}" = FIFA 2002
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}" = Macromedia HomeSite 5
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85C3FA3C-4832-4204-B21E-168E4920936A}" = Pro Evolution Soccer 5
"{8BA510D1-045B-4E1A-AF52-2282BBF69D5D}" = LightScribe System Software
"{8D4942F1-D5EB-40A7-9D7B-07F8ED1B71E9}" = TMPGEnc DVD Author 3 with DivX Authoring
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{957F003C-25D2-4F1F-A65C-D12B572FE212}" = Google Photos Screensaver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{A7894110-9C15-43EF-89E9-060363290188}" = Samsung PC Studio
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{DEC0260E-680A-4E50-AE95-F2F75D95D442}" = Movica
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{DFB5612F-AF7E-4CB3-00AB-3C0CD2520B29}" = FUSSBALL MANAGER 06
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2BD7723-ACBD-482D-9ADF-7946A132D198}" = Disk Manager
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"AC3 Decoder v.1.2.4b" = AC3 Decoder v.1.2.4b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Alice" = Alice-Installationsdateien entfernen
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.5
"ANSTOSS 3_is1" = ANSTOSS 3
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.3 (Unicode)
"AVI MPEG RM WMV Splitter_is1" = AVI/MPEG/RM/WMV Splitter 4.28
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CanoCraft CS-P 3.8" = Canon CanoCraft CS-P 3.8
"Canon ScanGear Toolbox CS" = Canon ScanGear Toolbox CS 2.2
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.8
"eMule.de 44b v16 webcache_is1" = eMule.de 44b v16 webcache
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Foxit Reader" = Foxit Reader
"Free Video Dub_is1" = Free Video Dub version 1.6
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Freeciv-2.1.9-gtk2" = Freeciv 2.1.9 (GTK+ client)
"HD Tune_is1" = HD Tune 2.55
"hp deskjet 3500 series_Driver" = hp deskjet 3500 series
"ie8" = Windows Internet Explorer 8
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"InstallShield_{85C3FA3C-4832-4204-B21E-168E4920936A}" = Pro Evolution Soccer 5
"IsoBuster_is1" = IsoBuster 2.5.5
"JDownloader" = JDownloader
"KC Softwares SUMo_is1" = KC Softwares SUMo
"KeyView for Lotus" = KeyView for Lotus 97
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"NVIDIA Drivers" = NVIDIA Drivers
"qt7lite_is1" = QT Lite 1.1.1
"RealAlt_is1" = Real Alternative 1.51
"Recuva" = Recuva (remove only)
"RidNacs_is1" = RidNacs 1.0.2
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Sierra Utilities" = Sierra Utilities
"SimCity2000CDv1" = SimCity 2000® Special Edition
"Soldier of Fortune" = Soldier of Fortune
"Spesoft Audio Converter_is1" = Spesoft Audio Converter 2.10
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SyncBack_is1" = SyncBack
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 1.0.5
"Vodafone 804SS USB driver" = Vodafone 804SS USB driver Software
"Winamp" = Winamp
"Windows Lemmings" = Lemmings for Windows 95
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR
"xampp" = XAMPP 1.6.4
"xp-AntiSpy" = xp-AntiSpy 3.96-5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Zattoo" = Zattoo 3.1.1 Beta
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1993962763-1682526488-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Mmm" = Mmm
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.07.2010 13:23:22 | Computer Name = MeinComputername | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{4ea464c0-11be-11df-af97-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 16.07.2010 13:23:22 | Computer Name = MeinComputername | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5f038143-482c-11dc-a636-544e50303131},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 16.07.2010 13:24:00 | Computer Name = MeinComputername | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert
in 0x800423f3) fehlgeschlagen.
Error - 16.07.2010 13:26:25 | Computer Name = MeinComputername | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{7dd744b0-15b3-11df-8964-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 16.07.2010 13:26:25 | Computer Name = MeinComputername | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{4ea464c0-11be-11df-af97-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 16.07.2010 13:26:25 | Computer Name = MeinComputername | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5f038143-482c-11dc-a636-544e50303131},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 16.07.2010 13:26:49 | Computer Name = MeinComputername | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert
in 0x800423f3) fehlgeschlagen.
Error - 16.07.2010 16:07:06 | Computer Name = MeinComputername | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 16.07.2010 16:07:06 | Computer Name = MeinComputername | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 16.07.2010 16:07:07 | Computer Name = MeinComputername | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
[ System Events ]
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:04:37 | Computer Name = MeinComputername | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 16.07.2010 16:08:59 | Computer Name = MeinComputername | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
< End of report >