Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Skype Virus: "is this your pic h**p://anitapunja.net/photo_id.php" (https://www.trojaner-board.de/90476-skype-virus-is-this-your-pic-h-p-anitapunja-net-photo_id-php.html)

.Anti. 06.09.2010 23:15
Skype Virus: "is this your pic h**p://anitapunja.net/photo_id.php"
 
Hi

Ich scheine mit einen Trojaner oder sowas in der Richtung eingefangen zu haben (kenne mich da nicht so aus :confused: )

Habe mir das Teil per Skype eingefangen, und zwar bei diesem Link:
"is this your pic h**p://anitapunja.net/photo_id.php"
Und jetzt versucht der Link sich immer per Skype und MSN zu verschicken.

Einen ähnlichen Post gab es bereits hier:
http://www.trojaner-board.de/90043-v...to_id-php.html

Die Maßnahmen haben nur leider nicht geholfen :(

MfG

PS: Malewarebyte- und OTL-Berichte kommen gleich.

.Anti. 06.09.2010 23:17
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4557

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

07.09.2010 00:13:26
mbam-log-2010-09-07 (00-13-26).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 141104
Laufzeit: 8 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

.Anti. 06.09.2010 23:18
OTL Logfile:
Code:
OTL logfile created on: 07.09.2010 00:08:14 - Run 1
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 15,11 Gb Free Space | 20,80% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 20,47 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.06 22:15:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools\OTL.exe
PRC - [2010.09.06 19:47:32 | 000,062,464 | RHS- | M] () -- C:\WINDOWS\nvsvc32.exe
PRC - [2010.09.02 20:40:31 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Programme\Steam\steam.exe
PRC - [2010.08.22 13:02:26 | 000,133,432 | ---- | M] (ICQ, LLC.) -- D:\Programme\ICQ7.0\ICQ.exe
PRC - [2010.07.31 23:37:22 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.05.14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.04.29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.07 22:32:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
PRC - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.08.28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.07.21 13:34:30 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 15:48:20 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 12:08:44 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.06.10 12:56:28 | 000,447,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007.06.16 12:50:28 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2005.06.27 14:32:28 | 000,278,528 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) -- D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
PRC - [2004.07.12 09:54:26 | 000,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2004.06.03 10:51:28 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\type32.exe
PRC - [2004.05.04 19:39:04 | 000,117,760 | ---- | M] (TuneUp Software GmbH) -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
PRC - [2004.01.28 09:19:52 | 000,098,304 | ---- | M] (Saitek) -- C:\Programme\Saitek\Software\SaiSmart.exe
PRC - [2004.01.28 09:19:26 | 000,159,744 | ---- | M] (Saitek) -- C:\Programme\Saitek\Software\Profiler.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.06 22:15:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools\OTL.exe
MOD - [2009.08.28 09:25:28 | 000,109,072 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.05.04 19:39:02 | 000,075,776 | ---- | M] () -- C:\Programme\TuneUp WinStyler\WinStylerThemeHelper.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009.09.26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.26 03:31:58 | 000,149,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.08.28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.07.21 13:34:30 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.25 05:26:40 | 000,303,376 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2009.05.17 22:04:00 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.05.13 15:48:20 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007.01.19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.05.04 19:39:04 | 000,117,760 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultradfg.sys -- (ultradfg)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS -- (MTOnlPktAlyX)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Programme\Acer\eRecovery\int15.sys -- (int15.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys -- (DMSKSSRh)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.25 11:19:04 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.09.23 15:05:06 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2009.09.23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys -- (sftvol)
DRV - [2009.09.23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys -- (sftplay)
DRV - [2009.09.23 15:04:52 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys -- (sftfs)
DRV - [2009.07.30 17:34:10 | 000,296,976 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.07.30 17:34:10 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009.06.15 22:23:50 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.16 20:59:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.05.13 17:46:52 | 000,031,760 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.05.11 09:12:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009.05.05 23:37:52 | 000,026,216 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.03.30 09:33:04 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 11:35:02 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.04 09:27:20 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.12.15 20:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2008.10.31 20:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.04.13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007.10.12 03:40:00 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007.03.09 17:09:54 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.01.31 15:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007.01.18 14:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.10 18:47:12 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006.05.22 06:40:30 | 000,017,152 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.05.05 05:53:30 | 000,985,472 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVerBDA3x.sys -- (AVerA700)
DRV - [2005.11.03 16:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.22 07:38:00 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2005.07.01 06:30:32 | 000,230,272 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005.07.01 06:29:28 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.06.08 08:31:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.06.01 17:40:10 | 000,097,920 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2005.06.01 17:40:10 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2005.03.15 17:04:00 | 000,161,792 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov530vid.sys -- (ovt530)
DRV - [2005.03.04 11:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.12.17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004.01.30 15:29:38 | 000,055,808 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH0464.sys -- (SaiH0464)
DRV - [2004.01.28 09:09:36 | 000,026,624 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiNtBus.sys -- (SaiNtBus)
DRV - [2004.01.28 09:09:34 | 000,015,232 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2000.07.24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "schueler.cc|travian.at|youtube.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.01 03:44:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.07.31 23:37:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.07.31 23:37:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2007.05.01 16:30:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2008.09.05 15:05:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.01 03:44:32 | 000,000,000 | ---D | M]
 
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions
[2010.04.13 14:35:58 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.19 23:50:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 04:39:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.04.18 14:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\youtube2mp3@mondayx.de
[2010.01.14 23:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions
[2010.04.11 18:03:30 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.11 15:12:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.17 14:48:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\Foxdie@tanjihay.com
 
O1 HOSTS File: ([2010.09.06 23:29:34 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Free Quick Keylogger] D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [ntiMUI] c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
O4 - HKLM..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Profiler] C:\Programme\Saitek\Software\Profiler.exe (Saitek)
O4 - HKLM..\Run: [SaiSmart] C:\Programme\Saitek\Software\SaiSmart.exe (Saitek)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
O4 - HKLM..\Run: [type32] C:\Programme\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UserFaultCheck]  File not found
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ICQ] D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe ()
O4 - HKCU..\Run: [RGSC] D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Steam] d:\programme\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\Registration .LNK = C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383 (WUWebControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005.10.22 07:38:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.01 14:36:42 | 000,000,098 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{88a678a3-9cc9-11df-ae16-000d3aa31867}\Shell\AutoRun\command - "" = F:\Menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.06 23:29:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.06 22:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.06 22:16:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.06 22:15:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
[2010.09.06 16:35:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
[2010.09.06 16:07:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 07:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Neuer Ordner
[2010.09.01 21:27:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.01 04:05:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
[2010.09.01 03:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010.09.01 03:50:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.09.01 03:50:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
[2010.09.01 03:44:21 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.09.01 03:44:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.01 03:43:22 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.09.01 03:43:22 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.09.01 03:43:22 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.09.01 03:40:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.08.21 18:33:32 | 000,000,000 | -HSD | C] -- C:\FOUND.069
[2010.08.20 03:55:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.11 04:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:41:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
[2010.08.11 04:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:39:16 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft Trial
[2010.08.10 05:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Lil Wayne - The Blue Martian [Deluxe Edition] - Mixtape Evolution
[2007.05.31 19:23:56 | 001,673,576 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2007.05.31 19:23:56 | 000,503,144 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2007.05.31 19:23:56 | 000,077,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.06 23:59:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010.09.06 23:59:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2010.09.06 23:57:06 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\kilkv.sys
[2010.09.06 23:57:06 | 000,000,146 | ---- | M] () -- C:\WINDOWS\System32\xdpbe
[2010.09.06 23:46:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010.09.06 23:46:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2010.09.06 23:38:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2010.09.06 23:38:00 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.09.06 23:34:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.06 23:34:46 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.06 23:29:50 | 000,004,661 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.06 23:29:46 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.dat
[2010.09.06 23:29:46 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.ini
[2010.09.06 23:19:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:36 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010.09.06 22:41:00 | 000,012,718 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.06 22:19:30 | 000,505,354 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.06 22:19:30 | 000,481,534 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.06 22:19:30 | 000,104,430 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.06 22:19:30 | 000,087,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.06 22:19:28 | 001,195,698 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.06 22:16:34 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:28 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:28 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:02 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:42 | 000,002,341 | ---- | M] () -- C:\WINDOWS\mdll.dl
[2010.09.06 19:48:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2010.09.06 19:47:32 | 000,062,464 | RHS- | M] () -- C:\WINDOWS\nvsvc32.exe
[2010.09.06 16:34:58 | 000,000,542 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.06 16:07:44 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.02 20:40:56 | 000,071,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.02 20:37:28 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.02 20:29:54 | 000,000,237 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.09.02 17:07:56 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Google Chrome.lnk
[2010.09.01 04:13:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:14 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 03:50:42 | 000,001,880 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:10 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 17:30:56 | 000,031,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.06 23:57:05 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\kilkv.sys
[2010.09.06 23:57:05 | 000,000,146 | ---- | C] () -- C:\WINDOWS\System32\xdpbe
[2010.09.06 23:38:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2010.09.06 23:19:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:54 | 000,000,232 | -H-- | C] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:38 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:38 | 000,000,232 | -H-- | C] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:08 | 000,000,232 | -H-- | C] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:34 | 000,000,232 | -H-- | C] () -- C:\sqmdata14.sqm
[2010.09.06 22:16:32 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:26 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:26 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:26 | 000,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:25 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:25 | 000,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:02 | 000,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:43 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:43 | 000,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:24 | 000,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:01 | 000,000,232 | -H-- | C] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:28 | 000,000,232 | -H-- | C] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:22 | 000,000,232 | -H-- | C] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:15 | 000,000,232 | -H-- | C] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:50 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:50 | 000,000,232 | -H-- | C] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:40 | 000,002,341 | ---- | C] () -- C:\WINDOWS\mdll.dl
[2010.09.06 19:48:39 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:39 | 000,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2010.09.06 19:47:31 | 000,062,464 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe
[2010.09.06 16:34:57 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.02 20:30:40 | 000,159,072 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.01 04:13:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 04:07:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 03:50:40 | 000,001,880 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:08 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 16:34:49 | 000,031,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[2009.12.30 14:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.12.30 14:27:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009.12.04 15:02:54 | 000,132,608 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll
[2009.11.05 21:09:57 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb
[2009.06.15 22:23:49 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.06.15 11:30:37 | 000,002,876 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2009.06.10 14:27:29 | 010,448,896 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2008.12.26 21:41:29 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.12.26 21:27:55 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.12.26 21:27:55 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.06.30 19:50:08 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008.01.13 16:48:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2007.12.24 17:27:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007.08.01 17:29:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.05.31 19:43:44 | 000,703,258 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2007.05.31 19:43:42 | 001,611,772 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2007.05.31 19:43:42 | 000,701,218 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2007.05.31 19:43:40 | 001,610,203 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2007.05.31 19:43:40 | 000,200,646 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2007.05.31 19:43:40 | 000,155,892 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2007.05.31 19:43:38 | 000,044,687 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2007.05.31 19:23:58 | 000,086,401 | ---- | C] () -- C:\Programme\dxupdate.cab
[2007.05.31 19:23:56 | 001,413,862 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2007.05.31 19:23:56 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2007.05.31 19:23:56 | 001,128,177 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2007.05.31 19:23:56 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2007.05.31 19:23:56 | 000,183,321 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,181,745 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,138,977 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,134,631 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2007.05.31 19:23:56 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2007.05.31 19:23:54 | 001,610,958 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2007.05.31 19:23:54 | 001,609,639 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2007.05.31 19:23:54 | 001,575,336 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2007.05.31 19:23:54 | 001,572,114 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2007.05.31 19:23:54 | 001,363,684 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2007.05.31 19:23:54 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2007.05.31 19:23:54 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2007.05.31 19:23:54 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2007.05.31 19:23:54 | 001,085,608 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2007.05.31 19:23:54 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2007.05.31 19:23:54 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2007.05.31 19:23:54 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2007.05.31 19:23:54 | 000,699,465 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2007.05.31 19:23:54 | 000,213,767 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2007.05.31 19:23:54 | 000,199,366 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,198,275 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,193,435 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,192,680 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2007.05.31 19:23:54 | 000,183,863 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,179,247 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,154,825 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,151,583 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,146,559 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,138,195 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,133,297 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,100,417 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2007.05.31 19:23:54 | 000,088,102 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2007.05.31 19:23:54 | 000,056,902 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2007.05.31 19:23:54 | 000,047,018 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2007.05.31 19:23:52 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2007.05.31 19:23:52 | 004,163,518 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2007.05.31 19:23:52 | 001,398,718 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2007.05.31 19:23:52 | 001,348,242 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2007.05.31 19:23:52 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2007.05.31 19:23:52 | 001,116,109 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2007.05.31 19:23:52 | 001,079,850 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2007.05.31 19:23:52 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2007.05.31 19:23:52 | 000,917,318 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2007.05.31 19:23:52 | 000,702,212 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2007.05.31 19:23:52 | 000,180,021 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2007.05.31 19:23:52 | 000,133,991 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2007.05.31 19:23:52 | 000,087,989 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2007.05.31 19:23:52 | 000,046,898 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2007.03.04 21:35:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2007.02.04 11:29:37 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007.02.03 23:04:37 | 000,000,214 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\xpy.ini
[2007.02.02 15:48:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.01.29 16:48:00 | 000,229,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.26 16:50:31 | 000,025,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\wklnhst.dat
[2007.01.26 16:46:15 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.12.24 18:19:50 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2006.12.24 18:19:03 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Samsung.dll
[2006.12.24 18:19:03 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylistSamsung.dll
[2006.12.24 18:18:44 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006.12.24 18:18:44 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006.12.24 18:18:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.12.24 18:18:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006.08.29 16:59:33 | 000,000,237 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006.08.29 16:59:33 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006.08.29 16:59:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006.08.29 16:59:26 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2006.08.29 16:59:26 | 000,009,030 | ---- | C] () -- C:\WINDOWS\HL-2030.INI
[2006.08.29 16:59:26 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2006.08.29 16:59:06 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.08.24 15:50:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.08.24 15:50:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.08.19 12:45:25 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.15 21:24:23 | 000,002,927 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.11 19:57:47 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006.08.08 18:34:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2006.08.04 23:58:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.07.29 16:52:06 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SecurityandPrivacy2.ini
[2006.07.26 16:39:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006.06.10 18:47:10 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.06.10 18:47:10 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.05.17 21:31:20 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2006.04.13 14:38:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll
[2006.02.14 17:03:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.02.12 14:27:40 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Fahrenheit_Screen.ini
[2005.12.27 10:10:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.27 08:09:48 | 000,045,682 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2005.12.27 08:05:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005.10.28 19:32:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.22 07:38:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.10.22 07:34:05 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.10.22 07:34:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.10.22 07:29:22 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.22 07:23:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.10.22 07:13:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
< End of report >
--- --- ---

.Anti. 06.09.2010 23:19
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.09.2010 00:08:14 - Run 1
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 15,11 Gb Free Space | 20,80% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 20,47 Gb Free Space | 27,88% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- d:\programme\t-online\t-online_software_6\browser\browser.exe "%1" (T-Online International AG)
htmlfile [opennew] -- d:\programme\t-online\t-online_software_6\browser\browser.exe "%1" (T-Online International AG)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher
"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII -- ()
"D:\Programme\Xfire\Xfire.exe" = D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found
"D:\Programme\BearShare\BearShare.exe" = D:\Programme\BearShare\BearShare.exe:*:Disabled:BearShare -- File not found
"D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe" = D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\ICQ6\ICQ.exe" = D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"D:\Programme\World of Warcraft\BackgroundDownloader.exe" = D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\Acer\Acer eConsole\MediaSync.exe" = C:\Programme\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Disabled:Media Synchoronizer -- File not found
"C:\WINDOWS\System32\dplaysvr.exe" = C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe" = D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0 -- (T-Online International AG)
"C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe" = C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:SWRepublicCommando -- File not found
"D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\Gamers.IRC\mirc.exe" = D:\Programme\Gamers.IRC\mirc.exe:*:Enabled:mIRC -- File not found
"D:\Programme\LimeWire\LimeWire.exe" = D:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"D:\Programme\Atari\BOILING POINT\Xenus.exe" = D:\Programme\Atari\BOILING POINT\Xenus.exe:*:Enabled:Xenus -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe:*:Enabled:BF2VoipServer -- File not found
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe" = D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe" = C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"D:\Programme\Valve\hl.exe" = D:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"D:\Programme\Valve\hltv.exe" = D:\Programme\Valve\hltv.exe:*:Enabled:HLTV Launcher -- File not found
"D:\Programme\Counter-Strike 1.6\hl.exe" = D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\Programme\TravManager\TravManager-Client.exe" = C:\Programme\TravManager\TravManager-Client.exe:*:Enabled:TravManager -- File not found
"D:\Programme\Mozilla Firefox\TravManager-Client.exe" = D:\Programme\Mozilla Firefox\TravManager-Client.exe:*:Enabled:TravManager -- File not found
"D:\Programme\TravManager\TravManager.exe" = D:\Programme\TravManager\TravManager.exe:*:Enabled:TravManager -- File not found
"D:\Programme\GSC Game World\Cossacks II\Data\engine.exe" = D:\Programme\GSC Game World\Cossacks II\Data\engine.exe:*:Enabled:Cossacks 2: Napoleonic Wars -- File not found
"D:\Programme\Azureus\Azureus.exe" = D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- (Azureus Inc)
"D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe" = D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War -- (Lucasfilm Entertainment Company, Ltd.)
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe" = C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends -- (Big Huge Games, Inc.)
"D:\Programme\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- File not found
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\TMbot\TM.EXE" = C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot -- (TMbot.net)
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"D:\Programme\League of Legends\Air\LolClient.exe" = D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()
"D:\Programme\League of Legends\Game\League of Legends.exe" = D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Dokumente und Einstellungen\Ich\Desktop\P18943431.JPG-www.facebook.exe" = C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}" = SST Programming Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0684EECC-380C-4B97-8C51-5BDB9E4D679C}" = ArcSoft Software Suite
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0863885D-E64B-9E5A-9747-03321A2D2A49}" = CCC Help Korean
"{0C40E716-2558-01E2-4797-484E4CCB2500}" = Catalyst Control Center Localization All
"{10FDD69C-2428-0FFB-12A2-2A6907D6282F}" = CCC Help Japanese
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{139DEC1F-D380-EB76-B0DF-88BC99B3B7BB}" = Catalyst Control Center Graphics Light
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - Deutsch
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2347E903-6299-A99F-C46C-05EB55912539}" = CCC Help Chinese Traditional
"{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}" = T-Online Router Web-IF Management
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{289CA3B4-9525-4B31-B58F-D76B2B52EA5A}" = SamsungMediaStudio
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2B3A996D-CCBF-3D62-B0AD-EA05553D3CEE}" = CCC Help Chinese Standard
"{2BB99C64-7631-4AE9-A76F-ABAECFB723AF}" = Star Wars Battlefront II PS2 Server
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{300D2ECE-DA75-1623-871F-935A205FC450}" = CCC Help German
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}" = Pacz
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF8A8A5-B3EA-6073-0457-669CC1E929C8}" = CCC Help Hungarian
"{501C0FDB-DCA5-E211-956C-26ADC4C54B66}" = Catalyst Control Center Core Implementation
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{57F85CF9-B9EF-6C77-8095-A2CF95738099}" = CCC Help Danish
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{63369BBA-62FD-4AC0-8049-69F2E24B180E}" = Brother HL-2030
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63A17691-ABC0-E86F-5D7A-A2F7EE36145E}" = CCC Help Dutch
"{6501E9B8-77C7-7D81-7F1A-4C2D7E36B403}" = CCC Help Italian
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE7F94E-7AF8-421F-9A19-04681A099AE3}" = TuneUp WinStyler
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A5824D-08E9-9A96-2104-19E4FE86E5FA}" = CCC Help Spanish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7907CAB0-6C4F-C554-34EA-93EAC98B42F9}" = CCC Help Turkish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F5A0E78-2B5A-4689-A91D-D60D83FC45E1}" = TM507 Webcam
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{82982D26-D60E-27D8-361F-F14A8F6440E7}" = Catalyst Control Center HydraVision Full
"{87934EAD-CE6F-16C6-6004-73E092AA15A6}" = Catalyst Control Center Graphics Previews Common
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89B80F72-CCD0-95C3-21CB-89BA03D98155}" = CCC Help Finnish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{906D95BA-4515-59A5-F2E4-072B1E73BB75}" = CCC Help English
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8BE52A-2C9A-91F2-310E-560CCE4FD247}" = CCC Help Russian
"{A0D62771-4353-8D52-44B8-0FCFF07D5FF1}" = ccc-core-preinstall
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A2023936-7D17-417D-8E8C-BD0062827D7B}" = Star Wars Battlefront II PC Server
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE78AD-093F-57F1-280D-A31B0C1C1425}" = CCC Help Greek
"{A41A9C99-0029-783E-40C3-3AA0D1A6535D}" = CCC Help Polish
"{A680CE58-7B2C-9A45-D05F-5AC22DFA2F76}" = CCC Help Portuguese
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A97B911E-8B1F-3B0F-F3D1-63B04084CC0F}" = Skins
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AD3AE2EE-E0DB-7818-3F05-7E8B2FB22C49}" = CCC Help Norwegian
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B414174C-97E4-9E8B-018E-AC77055D0107}" = CCC Help Thai
"{B6D0AACC-1F01-A901-5348-FF3599EFE70D}" = CCC Help French
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}" = NTI HomeVideo-Maker
"{B98604A2-5229-CBE6-98A4-A6D7C63B7458}" = ccc-utility
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP3c
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBD1A47D-691E-56C2-AC6A-1B3F80E3EC14}" = CCC Help Swedish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D34313F7-B5E2-D3AF-FBB1-EF3ED1DEF5AB}" = CCC Help Czech
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{E3A6437F-DE5B-6F3E-7BB3-39185D0BBDCE}" = ccc-core-static
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB1446FB-A3EF-D04D-C224-EEC74F11805F}" = Catalyst Control Center Graphics Full New
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F27483DD-A574-441E-AC55-69625B58D562}" = Brother HL-2035
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FE931AAE-B6D9-8A02-60C7-EF4862306F58}" = Catalyst Control Center Graphics Full Existing
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"3268-0050-5993-6102" = TMbot 2.3.0.0
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"678B5665-C9E7-4853-91C9-05A2FD16B179_is1" = Registry CleanUP 2007 1.5
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AdvancedRemoteInfo_is1" = AdvancedRemoteInfo
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM)" = AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM) 3.5.0.20
"AVGantiRootkit" = AVG Anti-Rootkit Free
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)
"Cossacks : Back To War" = Cossacks - Back To War
"Counter-Strike 1.6_is1" = Counter-Strike 1.6
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Quick Keylogger" = Free Quick Keylogger
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Freez FLV to MP3 Converter V1.2_is1" = Freez FLV to MP3 Converter
"Gamers.IRC" = Gamers.IRC 5.00
"GameSpy Arcade" = GameSpy Arcade
"guelcan_und_collien_screensaver.scr" = guelcan_und_collien_screensaver
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype (BETA)
"Source Violence Patch 1.5 BETA v2_is1" = Source Violence Patch 1.5 BETA
"ST5UNST #1" = Hear! 1.3
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"TMbot_0" = TMbot 2.7.9
"UltraDefrag" = Ultra Defragmenter
"Uninstall_is1" = Uninstall 1.0.0.1
"VP3 Codec Version 3.2.6.1" = VP3 Codec Version 3.2.6.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"World of Warcraft Trial" = Probeversion von World of Warcraft
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.09.2010 14:24:13 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:24:13 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:24:14 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:28:39 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:01 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
[ System Events ]
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Bonjour-Dienst" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "ICQ Service" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Service Agent" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:19 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "SecuROM User Access Service (V7)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:20 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Client" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:29:20 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 06.09.2010 17:35:08 | Computer Name = FINN | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume2" ist im
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
 wurde angehalten.
 
Error - 06.09.2010 17:36:23 | Computer Name = FINN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "int15.sys" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%3
 
Error - 06.09.2010 17:37:37 | Computer Name = FINN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  gagp30kx  PCIIde  viaagp1  ViaIde
 
 
< End of report >
--- --- ---

john.doe 07.09.2010 17:42
Hallo .Anti. und :hallo:

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.

Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

1.) Lade die Dateien
Zitat:
C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\WINDOWS\System32\drivers\kilkv.sys
bitte bei uns hoch. Die Dateien sind z.T. nicht sichtbar. Markiere jeweils eine Zeile in der Box, kopiere sie und füge sie im Uploadchannel ein. => http://www.trojaner-board.de/54791-a...ner-board.html

2.) Von Malwarebytes möchte ich einen vollständigen Scan. Vor dem Scan updaten.

3.) Deinstalliere alle Antivirenprogramme bis auf Eines (egal ob AVG, Avira oder Kaspersky). Setze die Removaltools der Hersteller ein.

4.) Poste beide Logs von RSIT => http://www.trojaner-board.de/74910-a...tion-tool.html

ciao, andreas

.Anti. 07.09.2010 19:25
Hi!

Danke erstmal für deine Hilfe :)

Also, ich habe

Zitat:
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
hochgeladen, die beiden anderen Dateien konnte ich leider nicht finden, obwohl ich versteckte Dateien, etc eingeschaltet habe.
Das könnte evtl. daran liegen, dass ich den ganzen Tag schon alle möglichen Virenscanner durchlaufen lasse, die alle die ein oder andere Datei löschen.

Werde mich jetzt an die Scans machen.


MfG Finn

PS: Wo sieht man die hochgeladene Datei? Eure Seite war down, während ich geuploaded habe... Es kam jedoch eine Bestätigung, dass der Upload erfolgreich war.

john.doe 07.09.2010 20:04
Zitat:
Wo sieht man die hochgeladene Datei?
Du gar nicht, sie ist aber angekommen und war wie erwartet sauber. Die anderen beiden waren garantiert Schädlinge.
Zitat:
die alle die ein oder andere Datei löschen.
Die dürften jetzt nicht mehr in den RSIT-Logs auftauchen. Hast du die Logs von den Löschungen noch? Wären schon wichtig.

ciao, andreas

.Anti. 07.09.2010 20:07
Ich schaue gleich mal nach den alten Logs...

Der Malwarebyte Bericht wird glaub ich noch eine Weile dauern, scannt jetzt schon 40min...

Kann ich den RSIT-Scan gleichzeitig laufen lassen?

LG

john.doe 07.09.2010 20:08
Zitat:
Kann ich den RSIT-Scan gleichzeitig laufen lassen?
Ja.

ciao, andreas

.Anti. 07.09.2010 20:15
info.txt (RSIT)

[QUOTE]info.txtRSIT Logfile:
Code:
logfile of random's system information tool 1.08 2010-09-07 21:12:56

======Uninstall list======

-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{52739387-B81C-4C55-9593-EB7A1044A657}\Setup.exe" -L0x7
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DMark05-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}\setup.exe" -l0x9  -removeonly
3DMark06-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9  -removeonly
Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
AdvancedRemoteInfo-->"C:\Programme\AdvancedRemoteInfo\unins000.exe"
Anno 1701-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A2433A63-5F5D-40E5-B529-9123C2B3E734}\setup.exe" -l0x7  -removeonly
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0684EECC-380C-4B97-8C51-5BDB9E4D679C}\setup.exe" -l0x7
Ask Toolbar-->"C:\Programme\AskBarDis\unins000.exe"
Assassin's Creed-->C:\Programme\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly
ATI - Dienstprogramm zur Deinstallation der Software-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
AVerMedia A700 (DVB-S and NTSC/PAL/SECAM/FM) 3.5.0.20-->C:\Programme\AVerMedia\AVerMedia A700 (DVB-S and NTSC_PAL_SECAM_FM)\uninst.exe
AVG Anti-Rootkit Free-->D:\Programme\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Azureus-->D:\Programme\Azureus\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Brother HL-2030-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63369BBA-62FD-4AC0-8049-69F2E24B180E}\SETUP.exe" -l0x7  -removeonly /uninst
Brother HL-2035-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F27483DD-A574-441E-AC55-69625B58D562}\SETUP.exe" -l0x7  -removeonly /uninst
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Cossacks - Back To War-->C:\WINDOWS\una2setup.exe
Counter-Strike 1.6-->"D:\Programme\Counter-Strike 1.6\unins000.exe"
Counter-Strike: Source-->"D:\Programme\Steam\steam.exe" steam://uninstall/240
DAEMON Tools Toolbar-->C:\Programme\DAEMON Tools Toolbar\uninst.exe
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
Fraps-->"D:\Programme\Fraps\uninstall.exe"
Free Audio CD Burner version 1.4-->"C:\Programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free Studio version 4.2-->"C:\Programme\DVDVideoSoft\Free Studio\unins000.exe"
Free YouTube to MP3 Converter version 3.8-->"D:\Programme\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
Freez FLV to AVI/MPEG/WMV Converter-->"D:\Programme\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Freez FLV to MP3 Converter-->"D:\Programme\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
Gamers.IRC 5.00-->D:\Programme\Gamers.IRC\uninstall.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\programme\google\googletoolbar3.dll"
Grand Theft Auto IV-->"C:\Programme\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
guelcan_und_collien_screensaver-->C:\WINDOWS\guelcan_und_collien_screensaver.scr /U
Hear! 1.3-->C:\WINDOWS\ST5UNST.EXE -n "c:\Programme\Hear!1.3\ST5UNST.LOG" 
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
ICQ Toolbar-->C:\Programme\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7-->"C:\Programme\InstallShield Installation Information\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UD:\Programme\Lame MP3 Codec\IFU46.inf
League of Legends-->"D:\Programme\League of Legends\unins000.exe"
Malwarebytes' Anti-Malware-->"D:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Max Payne 2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}\setup.exe" -l0x7
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 German Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 German Language Pack\setup.exe
Microsoft .NET Framework 3.0 German Language Pack-->MsiExec.exe /X{F2A7F421-1679-48D5-B918-96999014ED53}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Click-to-Run 2010 (Beta)-->"C:\PROGRA~1\GEMEIN~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Click-to-Run 2010 (Beta)-->MsiExec.exe /I{20140000-006D-0407-0000-0000000FF1CE}
Microsoft Office Home and Business 2010 (Beta) - Deutsch-->C:\Programme\Gemeinsame Dateien\microsoft shared\virtualization handler\cvhbs.exe /uninstall {20140062-0062-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office XP Standard-->MsiExec.exe /I{90120407-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{B26E3B0D-C2FA-4370-B068-7C476766F029}
mIRC-->"D:\Programme\Gamers.IRC\mirc.exe" -uninstall
Mozilla Firefox (3.5.11)-->D:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.24)-->C:\Programme\Mozilla Thunderbird\uninstall\helper.exe
Mp3tag v2.46a-->D:\Programme\Mp3tag\Mp3tagUninstall.EXE
MSN-->C:\Programme\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{F1FDAA01-988C-423F-AC12-0D8F333943FD}
Nokia Ovi Player-->MsiExec.exe /I{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{A0D65C73-F2C5-432F-8788-90F8A2E99B98}
Nokia Ovi Suite-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{8070452B-15D6-4169-B9B9-FCC3B54588AD}
Nokia Software Updater-->MsiExec.exe /X{EF4F620F-F295-41D7-92C0-6B635709C850}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{70B31335-50EE-4834-8431-27412CDE62BD}
Norton 360-->C:\Programme\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\A5E82D02\4.0.0.127\InstStub.exe /X
NTI HomeVideo-Maker-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}\setup.exe" -l0x7
Ovi Desktop Sync Engine-->MsiExec.exe /X{2D10FC46-1D96-44C4-8855-85F21B9B011E}
OviMPlatform-->MsiExec.exe /I{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}
Pacz-->MsiExec.exe /X{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}
Pando Media Booster-->C:\Programme\Pando Networks\Media Booster\uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{29F563F4-8807-4496-8463-441EAA0E96AB}
PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
Prime95-->"D:\Programme\Prime95\Uninstall.exe" "D:\Programme\Prime95\install.log"
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x7 REMOVE -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x7  -removeonly
Registry CleanUP 2007 1.5-->"D:\Programme\S.A.D\Registry CleanUP 2007\unins000.exe"
Rise Of Legends-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CADDE354-C78C-46CB-A006-E2B178EFC271}
SamsungMediaStudio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{289CA3B4-9525-4B31-B58F-D76B2B52EA5A}\Setup.exe" -l0x9
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
SiSoftware Sandra Lite 2009.SP3c-->"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\unins000.exe"
Skype (BETA)-->"C:\Programme\Skype\Phone\unins000.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Source Violence Patch 1.5 BETA-->"c:\programme\steam\Steamapps\weithoff007\unins000.exe"
SST Programming Software-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}\setup.exe" AddRem
Star Wars Battlefront II PC Server-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A2023936-7D17-417D-8E8C-BD0062827D7B}\Setup.exe" -l0x9
Star Wars Battlefront II PS2 Server-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2BB99C64-7631-4AE9-A76F-ABAECFB723AF}\Setup.exe" -l0x9
Star Wars Empire at War-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x7  -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->D:\Programme\Teamspeak2_RC2\unins000.exe
TeamViewer 4-->C:\Programme\TeamViewer\Version4\uninstall.exe
TM507 Webcam-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7F5A0E78-2B5A-4689-A91D-D60D83FC45E1}\Setup.exe" -l0x7
TMbot 2.3.0.0-->C:\Programme\TMbot\uninstall.exe
TMbot 2.7.9-->D:\Programme\TMbot\Uninstall.exe
T-Online 6.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}\setup.exe" CPAS
T-Online Router Web-IF Management-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}\Setup.exe" -L0x7
TuneUp WinStyler-->MsiExec.exe /I{6FE7F94E-7AF8-421F-9A19-04681A099AE3}
Ultra Defragmenter-->"C:\WINDOWS\UltraDefrag\uninstall.exe"
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update für Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Update für Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VP3 Codec Version 3.2.6.1-->D:\Programme\VP3 Codec\Uninstal.exe
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (DEU)-->MsiExec.exe /X{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPINST.EXE /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C710CEED791003E4D635992B02471584893356A0\amdk8.inf
Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
WinRAR-->D:\Programme\WinRAR\uninstall.exe
Xfire (remove only)-->"D:\Programme\Programme\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->D:\Programme\XviD\unins000.exe

======Hosts File======

::1      localhost

======Security center information======

AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Norton 360
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: AntiVir Desktop
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Kaspersky Anti-Virus
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
FW: Norton 360

======System event log======

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81805
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User:

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81804
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User:

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81803
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User:

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81802
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User:

Computer Name: FINN
Event Code: 256
Message: Beim Senden der Benachrichtigung der Geräteschnittstellenänderung an Fenster von "Einstellungen" wurde das Zeitlimit überschritten.

Record Number: 81801
Source Name: PlugPlayManager
Time Written: 20100510064439.000000+120
Event Type: Warnung
User:

=====Application event log=====

Computer Name: FINN
Event Code: 1
Message:
Record Number: 3053
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User:

Computer Name: FINN
Event Code: 1
Message:
Record Number: 3052
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User:

Computer Name: FINN
Event Code: 1
Message:
Record Number: 3051
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User:

Computer Name: FINN
Event Code: 1
Message:
Record Number: 3050
Source Name: OviSuite
Time Written: 20100901212504.000000+120
Event Type: Informationen
User:

Computer Name: FINN
Event Code: 1
Message:
Record Number: 3049
Source Name: OviSuite
Time Written: 20100901132059.000000+120
Event Type: Fehler
User:

=====Security event log=====

Computer Name: FINN
Event Code: 576
Message: Besondere Rechte bei neuer Anmeldung:

        Benutzername:       

        Domäne:               

        Anmeldekennung:                (0x0,0x2000C)

        Berechtigungen:                SeChangeNotifyPrivilege
                        SeBackupPrivilege
                        SeRestorePrivilege
                        SeDebugPrivilege

Record Number: 215461
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: FINN\Ich

Computer Name: FINN
Event Code: 528
Message: Erfolgreiche Anmeldung:

        Benutzername:        Ich

        Domäne:                FINN

        Anmeldekennung:                (0x0,0x2000C)

        Anmeldetyp:        2

        Anmeldevorgang:        Advapi 

        Authentifizierungspaket:        Negotiate

        Name der Arbeitsstation:        FINN

        Anmelde-GUID:        -

Record Number: 215460
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: FINN\Ich

Computer Name: FINN
Event Code: 680
Message: Anmeldversuch von: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

Anmeldekonto:  Ich

Arbeitsstation: FINN

Fehlercode: 0x0


Record Number: 215459
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\SYSTEM

Computer Name: FINN
Event Code: 806
Message: Die Benutzerrichtlinienüberwachung wurde aktualisiert.

        Anzahl der Elemente:        0

        Richtlinienkennung:        (0x0,0x1F611)


Record Number: 215458
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\SYSTEM

Computer Name: FINN
Event Code: 576
Message: Besondere Rechte bei neuer Anmeldung:

        Benutzername:       

        Domäne:               

        Anmeldekennung:                (0x0,0x3E5)

        Berechtigungen:                SeAuditPrivilege
                        SeAssignPrimaryTokenPrivilege
                        SeChangeNotifyPrivilege

Record Number: 215457
Source Name: Security
Time Written: 20100709012336.000000+120
Event Type: Überwachung erfolgreich
User: NT-AUTORITÄT\LOKALER DIENST

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Programme\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\DivX Shared\;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;D:\Programme\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAN_DIR"=D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c
"CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
--- --- ---

.Anti. 07.09.2010 20:15
log.txt (RSIT)

RSIT Logfile:
Code:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ich at 2010-09-07 21:11:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (19%) free of 74 GB
Total RAM: 1534 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:12:50, on 07.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Norton 360\Engine\4.0.0.127\ccSvcHst.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Microsoft IntelliPoint\ipoint.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
C:\Programme\Norton 360\Engine\4.0.0.127\ccSvcHst.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Skype\Phone\Skype.exe
D:\Programme\ICQ7.0\ICQ.exe
D:\Programme\Mozilla Firefox\firefox.exe
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\trend micro\Ich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\4.0.0.127\IPSBHO.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 11596 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Programme\Norton 360\Engine\4.0.0.127\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar3.dll [2007-01-19 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar3.dll [2007-01-19 2427968]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-04 683464]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Programme\Norton 360\Engine\4.0.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"type32"=C:\Programme\Microsoft IntelliType Pro\type32.exe [2004-06-03 172032]
"ToADiMon.exe"=D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-01 14477312]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-07-01 69632]
"IntelliPoint"=C:\Programme\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"QuickTime Task"=D:\Programme\QuickTime\QTTask.exe [2009-11-11 417792]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-05-14 248552]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-16 68856]
"Google Update"=C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 133104]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Steam"=d:\programme\steam\steam.exe [2010-09-02 1242448]
"ICQ"=D:\Programme\ICQ7.0\ICQ.exe [2010-08-22 133432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"=C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Quick Keylogger]
D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe /AUTORUN []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
C:\Programme\Saitek\Software\Profiler.exe [2004-01-28 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
C:\Programme\Saitek\Software\SaiSmart.exe [2004-01-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe -d 803617 -l german -r 7 -g  -c us -i 2309 []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE
Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart
WKCALREM.LNK - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS"
"D:\Programme\Xfire\Xfire.exe"="D:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Programme\BearShare\BearShare.exe"="D:\Programme\BearShare\BearShare.exe:*:Disabled:BearShare"
"D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe"="D:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.3.6299-to-2.0.10.6448-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\ICQ6\ICQ.exe"="D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\Programme\World of Warcraft\BackgroundDownloader.exe"="D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.0.12.6546-to-2.1.0.6692-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoWTest\WoW-0.2.0.7125-to-0.2.0.7153-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\Acer\Acer eConsole\MediaSync.exe"="C:\Programme\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Disabled:Media Synchoronizer"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe"="C:\Programme\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:SWRepublicCommando"
"D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-2.2.3.7359-to-2.3.0.7561-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\Gamers.IRC\mirc.exe"="D:\Programme\Gamers.IRC\mirc.exe:*:Enabled:mIRC"
"D:\Programme\LimeWire\LimeWire.exe"="D:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"D:\Programme\Atari\BOILING POINT\Xenus.exe"="D:\Programme\Atari\BOILING POINT\Xenus.exe:*:Enabled:Xenus"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source an DonMorten\hl2.exe:*:Enabled:hl2"
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded"
"C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Battlefield 2\BF2VoipServer.exe:*:Enabled:BF2VoipServer"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="C:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe"="C:\Programme\Steam\SteamApps\weithoff007\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Programme\TeamViewer\Version4\TeamViewer.exe"="C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"D:\Programme\Valve\hl.exe"="D:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Valve\hltv.exe"="D:\Programme\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"D:\Programme\Counter-Strike 1.6\hl.exe"="D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Programme\TravManager\TravManager-Client.exe"="C:\Programme\TravManager\TravManager-Client.exe:*:Enabled:TravManager"
"D:\Programme\Mozilla Firefox\TravManager-Client.exe"="D:\Programme\Mozilla Firefox\TravManager-Client.exe:*:Enabled:TravManager"
"D:\Programme\TravManager\TravManager.exe"="D:\Programme\TravManager\TravManager.exe:*:Enabled:TravManager"
"D:\Programme\GSC Game World\Cossacks II\Data\engine.exe"="D:\Programme\GSC Game World\Cossacks II\Data\engine.exe:*:Enabled:Cossacks 2: Napoleonic Wars"
"D:\Programme\Azureus\Azureus.exe"="D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe"="D:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War"
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"D:\Programme\ICQ6.5\ICQ.exe"="D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Steam\Steam.exe"="C:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Programme\TMbot\TM.EXE"="C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Programme\Anno 1701\Anno1701.exe"="D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"D:\Programme\League of Legends\Air\LolClient.exe"="D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Programme\League of Legends\Game\League of Legends.exe"="D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Dokumente und Einstellungen\Ich\Desktop\P18943431.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2010-09-07 21:12:19 ----D---- C:\Programme\trend micro
2010-09-07 21:11:23 ----D---- C:\rsit
2010-09-07 18:27:11 ----D---- C:\WINDOWS\LastGood
2010-09-07 17:06:29 ----D---- C:\WINDOWS\system32\Adobe
2010-09-07 17:00:36 ----RA---- C:\WINDOWS\system32\GEARAspi.dll
2010-09-07 17:00:36 ----RA---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2010-09-07 17:00:31 ----D---- C:\Programme\Symantec
2010-09-07 17:00:31 ----D---- C:\Programme\Gemeinsame Dateien\Symantec Shared
2010-09-07 17:00:31 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-09-07 17:00:31 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-09-07 16:59:43 ----D---- C:\WINDOWS\system32\drivers\N360
2010-09-07 16:59:37 ----D---- C:\Programme\Windows Sidebar
2010-09-07 16:59:37 ----D---- C:\Programme\Norton 360
2010-09-07 16:59:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 16:59:12 ----D---- C:\Programme\NortonInstaller
2010-09-07 16:56:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 23:29:18 ----D---- C:\_OTL
2010-09-06 22:16:47 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:28 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-06 22:16:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-06 16:35:22 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 16:07:54 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 20:38:39 ----A---- C:\WINDOWS\ModemLog_Standardmodem über Bluetooth-Verbindung.txt
2010-09-01 21:27:52 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 04:12:41 ----HD---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-01 04:06:53 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2010-09-01 03:50:49 ----D---- C:\WINDOWS\Globalization
2010-09-01 03:50:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 03:44:21 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-01 03:44:11 ----D---- C:\Programme\PC Connectivity Solution
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-01 03:40:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 18:33:32 ----SHD---- C:\FOUND.069
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\java.exe
2010-08-11 04:42:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 04:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-11 04:39:16 ----D---- C:\Programme\World of Warcraft Trial

======List of files/folders modified in the last 1 months======

2010-09-07 17:13:46 ----RSH---- C:\boot.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\win.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\system.ini
2010-09-06 22:19:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-02 20:29:54 ----A---- C:\WINDOWS\Brownie.ini
2010-09-01 04:07:14 ----A---- C:\WINDOWS\imsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\WINDOWS\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 SI3112r;ATI-437A Serial ATA Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-06-01 10240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-15 717296]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BHDrvx86;BHDrvx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-03-09 271360]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-06-10 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 AVerA700;A700 service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth-Modemkommunikationstreiber; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-19 26600]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100906.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-01 3134976]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NAVENG;NAVENG; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100906.024\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100906.024\NAVEX15.SYS []
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-22 6144]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-12-04 27784]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-01-28 15232]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-01-28 26624]
R3 sftfs;sftfs; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys []
R3 sftplay;sftplay; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys []
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
R3 sftvol;sftvol; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys []
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\N360\0400000.07F\SRTSP.SYS [2009-12-03 325168]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\N360\0400000.07F\SYMTDI.SYS [2009-11-22 362032]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-07-01 230272]
S0 gagp30kx;Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
S0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
S2 int15.sys;int15.sys; \??\C:\Programme\Acer\eRecovery\int15.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 EraserUtilDrv11010;EraserUtilDrv11010; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrv11010.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 ovt530;TM507A USB Camera; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH0464;SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 ultradfg;ultradfg; C:\WINDOWS\System32\DRIVERS\ultradfg.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cvhsvc;Client Virtualization Handler; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 N360;Norton 360; C:\Programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 sftlist;Application Virtualization Client; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
R2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe [2004-05-04 117760]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-11 221184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 sftvsa;Application Virtualization Service Agent; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office  Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [2009-05-17 98488]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
--- --- ---

john.doe 07.09.2010 20:26
Zitat:
D:\Programme\WideStep Software\Free Quick Keylogger
Freiwillig installiert? Du weißt, was ein Keylogger macht?

ciao, andreas

.Anti. 07.09.2010 20:38
Ja ich weiß, was ein Keylogger ist und nein, nicht freiwillig installiert... bin ja nicht blöd :kloppen:

Ist der noch drauf, oder bereits gelöscht?

john.doe 07.09.2010 20:54
Er befindet sich noch in deiner Softwareliste.
Zitat:
"Free Quick Keylogger" = Free Quick Keylogger
Und die Starteinträge sind auch noch zu sehen.
Zitat:
O4 - HKLM..\Run: [Free Quick Keylogger] D:\Programme\WideStep Software\Free Quick Keylogger\qpanel.exe
Ich habe mir gerade die Beschreibung für den Keylogger durchgelesen. :wtf:

a) Alle deine Tasteneingaben wurden protokolliert. Damit sind auch alle deine Kennwörter bekannt.
b) Alle eingehenden und ausgehenden Emails, sowie Instant Messenger wurden protokolliert.
c) Alle User, die an dem Rechner gearbeitet haben, wurden überwacht.

Möchtest du überhaupt noch weitermachen oder wählst du lieber den schnelleren Weg => http://www.trojaner-board.de/51262-a...sicherung.html

ciao, andreas

.Anti. 07.09.2010 21:02
Also im Arbeitsplatz finde ich den nicht mehr.
Norton 360 hat den glaube ich auch gelöscht, hier der Bericht:

Zitat:
Scanstatistik:
Scanzeit: 6805 Sekunden
Scanoptionen:
Scanziele: C:\, D:\, E:\
Zähler:
Gescannte Elemente insgesamt: 668.806
– Dateien und Laufwerke: 658.901
– Registrierungseinträge: 597
– Prozesse und Elemente beim Start: 4.731
– Netzwerk und Browser-Elemente: 4.570
– Sonstiges: 5
– Vertrauenswürdige Dateien: 0
– Übersprungene Dateien: 24

Erkannte Sicherheitsrisiken insgesamt: 2
Behobene Elemente insgesamt: 2
Elemente insgesamt, die Aufmerksamkeit erfordern: 0

Behobene Bedrohungen:
Spyware.QuickKeylogger
Typ: Anomalie
Risiko: Hoch (Hoch Verbergen, Hoch Entfernen, Gering Leistung, Hoch Datenschutz)
Kategorien: Spyware
Status: Vollständig behoben
-----------
3 Registrierungseinträge
HKEY_LOCAL_MACHINE\SOFTWARE\Free Quick Keylogger - Gelöscht
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Quick Keylogger - Gelöscht
HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Free Quick Keylogger - Gelöscht


Suspicious.Lop.2
Typ: Anomalie
Risiko: Hoch (Hoch Verbergen, Hoch Entfernen, Hoch Leistung, Hoch Datenschutz)
Kategorien: Heuristikvirus
Status: Vollständig behoben
-----------
1 Datei
d:\programme\lucasarts\star wars battlefront ii pc server\swbf2sm.exe - Gelöscht
1 Browser-Cache





Nicht behobene Bedrohungen:
Keine nicht behobenen Risiken

john.doe 07.09.2010 21:11
Mag sein, aber den nicht:
Zitat:
DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
Und den nicht:
Zitat:
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []
Es finden sich zuviele Hinweise auf Befall. Also überlege dir nochmal, ob du weiter bereinigen möchtest. Als nächstes käme ComboFix zum Einsatz.

ciao, andreas

.Anti. 07.09.2010 21:15
Also, hab mich grad über Combofix schlau gemacht...

In meinen Augen ist das kein Nachteil, es sei denn ich hatte die falsche Quelle...


Oder gibt's dabei irgendwelche Risiken? Schlimmer als neu aufsetzen kann's ja eig nicht werden...

john.doe 07.09.2010 21:26
Warte bis Malwarebytes durchgelaufen ist und poste das Log. Dann:

Solltest du noch irgendetwas mit dem Computer verbinden, wie Memorysticks, Speicherkarten, Digitalkameras, Handy, externe Laufwerke, ... dann stecke vor dem Scan alles an.

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
ciao, andreas

Edit:
Zitat:
Schlimmer als neu aufsetzen kann's ja eig nicht werden...
Es dauert einfach länger.

.Anti. 07.09.2010 21:42
Der Scan läuft jetzt seit 2h...

Um 23Uhr werde ich abbrechen, falls er dann noch nicht fertig ist.

Lasse dann über Nacht Handy und USB-Stick angeschlossen und den Scan durchlaufen. Das Ergebnis stelle ich dann morgen früh (wenns fertig ist) hier rein.

MfG und nochmals vielen Dank für deine Hilfe :)

PS: Combofix und CCleaner kann ich schon installieren, nehme ich an?

john.doe 07.09.2010 21:48
Zitat:
Combofix und CCleaner kann ich schon installieren, nehme ich an?
Ja.
Zitat:
Lasse dann über Nacht Handy und USB-Stick angeschlossen und den Scan durchlaufen.
ComboFix ist schnell, maximal 20 Minuten.

Als nächstes werden wir deinstallieren, damit die Scanner, die noch zum Einsatz kommen, schneller durch sind. Du hast da ca. 10 verschiedene Javaversionen installiert. :heulen:

ciao, andreas

.Anti. 07.09.2010 21:52
Derzeit läuft noch der Maleware Scan, oder verzichten wir auf den?

Der läuft bei mir mittlerweile 2:50h...


Soll ich Java einfach einmal deinstallieren und neu draufmachen oder bleiben dann Reste drauf?

john.doe 07.09.2010 22:06
Zitat:
Der läuft bei mir mittlerweile 2:50h...
Ich habe hier schon Logs mit 26h gesehen. :)

Da ist soviel Müll auf dem Rechner, das mich wundert, dass er überhaupt noch läuft.
Zitat:
Soll ich Java einfach einmal deinstallieren und neu draufmachen oder bleiben dann Reste drauf?
Wenn du es sauber haben möchtest, deinstalliere alle, entferne die Reste mit JavaRa und installiere die aktuelle.

ciao, andreas

.Anti. 07.09.2010 22:15
Hmm, wenn man vom Teufel spricht:

Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4557

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

07.09.2010 23:13:12
mbam-log-2010-09-07 (23-13-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Durchsuchte Objekte: 334811
Laufzeit: 2 Stunde(n), 45 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\wintybrd.png (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\wintybrdf.jpg (Malware.Trace) -> Quarantined and deleted successfully.
CCleaner ist auch schon durch, werde jetzt noch den Combofix-Scan machen.
Dann muss ich aber auch erstmal weg, muss morgen früh hoch :S

.Anti. 07.09.2010 23:33
Sry, dass es so lang gedauert hat, aber der hat fast eine Stunde für die Logs gebraucht:
[QUOTE]





Combofix Logfile:
Code:
ComboFix 10-09-07.01 - Ich 07.09.2010  23:27:27.1.2 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1534.1025 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Ich\Desktop\cofi.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C58DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C9D65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CB2DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CCC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FF792804-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FFBC2BDC-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {7C920732-0013-0000-180A-960000009600}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BA13DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAE65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB1BC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BFF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C10984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1752C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1E5DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1FA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C20C0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C35DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C37A44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4A83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4D684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C52054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C57554-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C579AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C5D984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C67BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6E70C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C7147C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C728BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C75AC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C83A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C89BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8CBD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DB5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C91A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C92A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9347C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C95A2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C974C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9BA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C27C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C394-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9D7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E324-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E34C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9F83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA0A94-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA1054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA13F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA15DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA229C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA265C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA33F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA3BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA4054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA668C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA72EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA76FC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7754-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7D0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA8544-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA9894-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA48C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA4CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAAC2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CABDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACA3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACDAC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAD79C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CADC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE3B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE92C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAEBF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF9A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAFD44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB0ABC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB157C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2254-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB27CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2AE4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2C14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2CA4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BEC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4C24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB580C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB72F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB774C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7BF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB848C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB8D8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA2AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA72C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD564-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD874-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDC74-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBEB54-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC08E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0B14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1854-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC365C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC3C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC45C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC483C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC485C-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC64CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC66EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC747C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC884C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA7D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA84C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC85C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCD484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE7CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCEA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0574-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD05AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD240C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD266C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD43E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD447C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4AF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD55D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD58D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7534-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD75E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD883C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9944-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9A8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA49C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDABFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDAC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB99C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC87C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC97C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBBC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD7A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEA24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF404-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF7AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1784-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1C34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2344-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2A3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE3A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE4C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEA86C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CECAD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFB7B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFBD1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFC054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0165C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D017BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D047A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D06844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0C484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0D054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0DBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0E67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D11DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D12A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D14DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D17DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1C7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1FDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D20A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D236EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D26844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2A694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2DB04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2EB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D37A9C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D3BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D47DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4BC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D545AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D619BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D79A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D8ADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D9570C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DB96DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DCFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823A3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C63E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C7AB4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C85CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823D1B5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {82622694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8285C43C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8286643C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FDC609D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF59096C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF68F054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFBC3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-0105-0D24-347CA8A3377C}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll
c:\windows\mdll.dl
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\autorun.ini
c:\windows\system32\Ijl11.dll

.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_usnjsvc


(((((((((((((((((((((((  Dateien erstellt von 2010-08-07 bis 2010-09-07  ))))))))))))))))))))))))))))))
.

2010-09-07 19:12 . 2010-09-07 19:12        --------        d-----w-        c:\programme\trend micro
2010-09-07 19:11 . 2010-09-07 19:11        --------        d-----w-        C:\rsit
2010-09-07 15:06 . 2010-09-07 15:06        --------        d-----w-        c:\windows\system32\Adobe
2010-09-07 15:00 . 2009-05-18 22:17        26600        ----a-r-        c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-07 15:00 . 2008-04-17 21:12        107368        ----a-r-        c:\windows\system32\GEARAspi.dll
2010-09-07 15:00 . 2010-09-07 15:00        60808        ----a-w-        c:\windows\system32\S32EVNT1.DLL
2010-09-07 15:00 . 2010-09-07 15:00        124976        ----a-w-        c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-07 15:00 . 2010-09-07 15:00        --------        d-----w-        c:\programme\Symantec
2010-09-07 15:00 . 2010-09-07 15:00        --------        d-----w-        c:\programme\Gemeinsame Dateien\Symantec Shared
2010-09-07 14:59 . 2010-09-07 14:59        --------        d-----w-        c:\windows\system32\drivers\N360
2010-09-07 14:59 . 2010-09-07 14:59        --------        d-----w-        c:\programme\Windows Sidebar
2010-09-07 14:59 . 2010-09-07 14:59        --------        d-----w-        c:\programme\Norton 360
2010-09-07 14:59 . 2010-09-07 14:59        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 14:59 . 2010-09-07 14:59        --------        d-----w-        c:\programme\NortonInstaller
2010-09-07 14:56 . 2010-09-07 14:56        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 21:29 . 2010-09-06 21:29        --------        d-----w-        C:\_OTL
2010-09-06 20:16 . 2010-09-06 20:16        --------        d-----w-        c:\dokumente und einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-06 20:16 . 2010-09-06 20:16        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-09-06 14:35 . 2010-09-06 14:35        --------        d-----w-        c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 14:07 . 2010-09-06 14:07        --------        d-----w-        c:\dokumente und einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 18:30 . 2010-09-02 18:30        159072        ----a-w-        c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2010-09-01 19:27 . 2010-09-01 19:27        --------        d-----w-        c:\dokumente und einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 02:05 . 2010-09-01 02:05        --------        d-----w-        c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
2010-09-01 01:50 . 2010-09-01 01:50        --------        d-----w-        c:\windows\Globalization
2010-09-01 01:50 . 2010-09-01 01:50        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 01:50 . 2010-09-01 01:50        --------        d-----w-        c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
2010-09-01 01:44 . 2008-08-26 08:26        18816        ----a-w-        c:\windows\system32\drivers\pccsmcfd.sys
2010-09-01 01:44 . 2010-09-01 01:44        --------        d-----w-        c:\programme\PC Connectivity Solution
2010-09-01 01:43 . 2010-02-26 12:32        662016        ----a-w-        c:\windows\system32\nmwcdcocls.dll
2010-09-01 01:43 . 2010-02-26 12:32        18176        ----a-w-        c:\windows\system32\drivers\ccdcmb.sys
2010-09-01 01:43 . 2010-02-26 12:19        1461992        ----a-w-        c:\windows\system32\wdfcoinstaller01009.dll
2010-09-01 01:40 . 2010-09-01 01:40        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 16:33 . 2010-08-21 16:33        --------        d-----w-        C:\FOUND.069
2010-08-11 02:42 . 2010-08-11 02:42        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:41 . 2010-08-11 02:41        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-11 02:41 . 2010-08-11 02:41        --------        d-----w-        c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:39 . 2010-08-11 02:39        --------        d-----w-        c:\programme\World of Warcraft Trial

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 21:35 . 2006-01-09 17:41        4661        ----a-w-        c:\windows\bthservsdp.dat
2010-09-07 15:00 . 2010-09-07 15:00        805        ----a-w-        c:\windows\system32\drivers\SYMEVENT.INF
2010-09-07 15:00 . 2010-09-07 15:00        7443        ----a-w-        c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-06 20:19 . 2005-10-22 05:13        505354        ----a-w-        c:\windows\system32\perfh007.dat
2010-09-06 20:19 . 2005-10-22 05:13        104430        ----a-w-        c:\windows\system32\perfc007.dat
2010-09-02 18:40 . 2007-01-26 14:46        71688        ----a-w-        c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-09-01 02:13 . 2010-09-01 02:13        0        ---ha-w-        c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-01 02:12 . 2010-09-01 02:12        0        ---ha-w-        c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-01 02:07 . 2010-09-01 02:07        0        ---ha-w-        c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-09-01 02:07 . 2010-09-01 02:07        0        ---ha-w-        c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-31 17:49 . 2010-07-31 17:49        --------        d-----w-        c:\programme\Gemeinsame Dateien\Skype
2010-07-17 03:00 . 2010-04-25 20:54        423656        ----a-w-        c:\windows\system32\deployJava1.dll
2010-07-02 17:53 . 2010-07-02 17:53        17        ----a-w-        c:\windows\system32\shortcut_ex.dat
2007-05-31 17:43 . 2007-05-31 17:43        703258        ----a-w-        c:\programme\JUN2007_d3dx10_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43        701218        ----a-w-        c:\programme\JUN2007_d3dx10_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43        1611772        ----a-w-        c:\programme\JUN2007_d3dx9_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43        200646        ----a-w-        c:\programme\JUN2007_XACT_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43        1610203        ----a-w-        c:\programme\JUN2007_d3dx9_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43        155892        ----a-w-        c:\programme\JUN2007_XACT_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43        44687        ----a-w-        c:\programme\dxdllreg_x86.cab
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32        279944        ----a-w-        c:\programme\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programme\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-16 68856]
"Google Update"="c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" [2009-01-06 133104]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Steam"="d:\programme\steam\steam.exe" [2010-09-02 1242448]
"ICQ"="d:\programme\ICQ7.0\ICQ.exe" [2010-08-22 133432]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"="c:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe" [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"type32"="c:\programme\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"ToADiMon.exe"="d:\programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe" [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-07-01 14477312]
"IntelliPoint"="c:\programme\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"QuickTime Task"="d:\programme\QuickTime\QTTask.exe" [2009-11-10 417792]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"InfoCockpit"="d:\programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE" [2005-11-29 847872]

c:\dokumente und einstellungen\Ich\Startmen\Programme\Zubeh”r\Autostart\
WKCALREM.LNK - c:\programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe [2004-7-12 15360]

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Adobe Reader Speed Launch.lnk - c:\programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
path=c:\dokumente und einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\Registration .LNK
backup=c:\windows\pss\Registration .LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39        1090952        ----a-w-        d:\programme\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22        1695232        ------w-        c:\programme\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-03-04 13:10        2192672        ----a-w-        c:\programme\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15        45056        ----a-w-        c:\programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
2004-01-28 07:19        159744        ----a-w-        c:\programme\Saitek\Software\Profiler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-07-14 23:07        32768        ----a-w-        c:\programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
2004-01-28 07:19        98304        ----a-w-        c:\programme\Saitek\Software\SaiSmart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Programme\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"=
"c:\\WINDOWS\\System32\\LEXPPS.EXE"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"d:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\RpcAgentSrv.exe"=
"d:\\Programme\\Counter-Strike 1.6\\hl.exe"=
"d:\\Programme\\Azureus\\Azureus.exe"=
"d:\\Programme\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"=
"c:\\Programme\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"d:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Programme\\TMbot\\TM.EXE"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"d:\\Programme\\Anno 1701\\Anno1701.exe"=
"d:\\Programme\\ICQ7.0\\ICQ.exe"=
"d:\\Programme\\ICQ7.0\\aolload.exe"=
"d:\\Programme\\Steam\\Steam.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Counter-Strike Source\\hl2.exe"=
"d:\\Programme\\League of Legends\\Air\\LolClient.exe"=
"d:\\Programme\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Programme\\Steam\\SteamApps\\weithoff007\\counter-strike source\\hl2.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\MSN Messenger\\livecall.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"58096:TCP"= 58096:TCP:Pando Media Booster
"58096:UDP"= 58096:UDP:Pando Media Booster
"6965:TCP"= 6965:TCP:League of Legends Launcher
"6965:UDP"= 6965:UDP:League of Legends Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R3 DMSKSSRh;DMSKSSRh;c:\dokume~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys [x]
R3 MIINPazX;MIINPazX NDIS Protocol Driver;c:\progra~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [2006-05-22 17152]
R3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [x]
R3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
R3 ovt530;TM507A USB Camera;c:\windows\system32\Drivers\ov530vid.sys [2005-03-15 161792]
R3 SaiH0464;SaiH0464;c:\windows\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;d:\programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [2009-05-17 98488]
R3 ultradfg;ultradfg;c:\windows\system32\DRIVERS\ultradfg.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-06-15 717296]
S0 SI3112r;ATI-437A Serial ATA Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [2010-08-09 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 cvhsvc;Client Virtualization Handler;c:\programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 N360;Norton 360;c:\programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
S2 sftlist;Application Virtualization Client;c:\programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
S3 AVerA700;A700 service;c:\windows\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-07 102448]
S3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100906.001\IDSxpx86.sys [2010-08-26 331640]
S3 sftfs;sftfs;c:\programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys [2009-09-23 543064]
S3 sftplay;sftplay;c:\programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys [2009-09-23 190312]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
S3 sftvol;sftvol;c:\programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys [2009-09-23 14680]
S3 sftvsa;Application Virtualization Service Agent;c:\programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]


--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - mchInjDrv
.
Inhalt des "geplante Tasks" Ordners

2009-04-08 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\programme\Microsoft IntelliPoint\ipoint.exe [2008-06-10 10:56]

2010-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
- c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 12:14]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://fullarticles.net
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\
FF - prefs.js: browser.startup.homepage - schueler.cc|travian.at|youtube.com
FF - component: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: d:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
d:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Free Quick Keylogger - d:\programme\WideStep Software\Free Quick Keylogger\qpanel.exe
MSConfigStartUp-RGSC - d:\programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-07 23:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\programme\Norton 360\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\windows\TEMP\mc21.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\SecuROM\License information*]
"datasecu"=hex:14,a9,b3,2e,57,83,53,50,3e,4d,f7,4d,65,e2,a6,0e,a0,97,26,59,86,
  b2,78,ae,34,bc,91,30,93,2b,a1,54,3d,20,76,99,d5,8b,cd,f3,d2,81,16,33,7a,61,\
"rkeysecu"=hex:38,0d,cf,b4,b4,16,7c,95,9c,04,ff,65,61,55,70,2b

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\Ü¥*º€Y]
"DisplayName"="??"
"DeviceDesc"="??"
"ProviderName"="?\11???\11\08"
"MFG"="?\08???"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=multi:"c:\\ati\\support\\5-7-igp_xp-2k_dd_cp_wdm_sb_gart_24085\\sbdrv\\smbus\\smbusati.inf\00"

[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,09,a0,6d,3a,b3,05,61,38,ea,47,b9,62,61,0b,7f,ab,c5,9e,c3,08,14,e7,
  1a,52,8e,51,0d,8b,d9,db,e6,8e,de,37,68,00,62,56,83,e0,a1,39,51,2b,08,58,6f,\
"??"=hex:64,25,87,22,fe,95,be,27,30,77,e7,7a,0a,b3,1c,5e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(848)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(908)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll

- - - - - - - > 'explorer.exe'(504)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programme\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\TuneUp WinStyler\WinStylerThemeSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programme\Microsoft IntelliPoint\dpupdchk.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-09-07  23:51:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-09-07 21:51

Vor Suchlauf: 20 Verzeichnis(se), 15.310.290.944 Bytes frei
Nach Suchlauf: 92 Verzeichnis(se), 15.194.652.672 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 0236787CB6691F35BA9B2EE3988C9752
--- --- ---

john.doe 08.09.2010 16:57
Zitat:
Sry, dass es so lang gedauert hat
Bei dem Log wundert mich das nicht wirklich. Aber ich habe dich gewarnt. ;)

1.) Deinstalliere:
  • Adobe Flash Player 9 ActiveX (veraltet)
  • Adobe Reader 7.1.0 (gnadenlos veraltet)
  • Apple Software Update (unnütz)
  • Avira AntiVir Personal - Free Antivirus (vermurkst dir die Registry, wird im Anschluss wieder installiert)
  • Ask Toolbar (Adware)
  • AVG Anti-Rootkit Free (hat es dir geholfen?)
  • Azureus (Haupteinfallstor für Schädlinge)
  • DAEMON Tools Toolbar (schädlich, ok, meine Meinung)
  • Google Toolbar for Internet Explorer (schädlich, ok, meine Meinung)
  • ICQ Toolbar (schädlich, ok, meine Meinung)
  • Mozilla Firefox (3.5.11) (veraltet)
  • Mozilla Thunderbird (2.0.0.24) (veraltet)
  • Norton 360 (Müll, ok, meine Meinung, auch wenn du damit einen partiellen Erfolg erzielt hast)
  • Registry CleanUP 2007 1.5 (potentiell gefährlich)

2.) Download und Ausführung des Norton-Entfernungsprogramms

3.) http://dlpro.antivir.com/down/window...cleaner_de.zip

4.) Poste aktuelle Logs von OTL und RSIT.

ciao, andreas

.Anti. 08.09.2010 17:16
Ok, wird erledigt.

Aber wenn ich alle Virenprogramme deinstalliere, ist mein PC dann nicht ganz ohne Schutz?

LG

PS: AVG Rootkit war Müll^^

john.doe 08.09.2010 17:24
Klicke auf die letzten beiden Links in meiner Signatur. Und dann schau zusätzlich, was ich noch in diesem Thread posten werde => http://www.trojaner-board.de/90434-n...-fast-tot.html

(Gemeint ist der Absatz mit Zynismus).

ciao, andreas

.Anti. 08.09.2010 17:30
Ah ok, habe ich wieder was gelernt ;)

Wirst du nur noch in dem anderen Thread posten? Oder soll ich dort nur zusätzlich gucken?

LG

john.doe 08.09.2010 17:44
Zitat:
Oder soll ich dort nur zusätzlich gucken?
Ja. Dort werde ich ein Scan von VT posten, der beweist, dass AVPs grundsätzlich sinnlos sind und nichts mit Sicherheit zu tun haben. Sie dienen lediglich als Unterstützung. BTW: Ich benutze keines von diesen, mich schützt ausschließlich brain.exe.

Falls du wissen möchtest, was brain.exe ist (dem hat kein AVP gemeldet, dass dort ein Schädling ist, nur sein brain.exe hat angeschlagen) => http://www.trojaner-board.de/76270-t...ser-datei.html

ciao, andreas

.Anti. 08.09.2010 18:00
Hehee :rofl:

RSIT Logfile:
Code:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ich at 2010-09-08 18:59:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (26%) free of 74 GB
Total RAM: 1534 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:54, on 08.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
C:\WINDOWS\system32\rundll32.exe
D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\trend micro\Ich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9142 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre6\bin\ssv.dll [2010-08-04 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-08-19 1294336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ToADiMon.exe"=D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-01 14477312]
"StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"QuickTime Task"=D:\Programme\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"itype"=C:\Programme\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-16 68856]
"Google Update"=C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 133104]
"Steam"=d:\programme\steam\steam.exe [2010-09-02 1242448]
"ICQ"=D:\Programme\ICQ7.0\ICQ.exe [2010-08-22 133432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2010-09-01 16700808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"=C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
C:\Programme\Saitek\Software\Profiler.exe [2004-01-28 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
C:\Programme\Saitek\Software\SaiSmart.exe [2004-01-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe -d 803617 -l german -r 7 -g  -c us -i 2309 []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE

C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart
WKCALREM.LNK - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Programme\TeamViewer\Version4\TeamViewer.exe"="C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programme\Counter-Strike 1.6\hl.exe"="D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Azureus\Azureus.exe"="D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"D:\Programme\ICQ6.5\ICQ.exe"="D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Programme\TMbot\TM.EXE"="C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot"
"D:\Programme\Anno 1701\Anno1701.exe"="D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"D:\Programme\League of Legends\Air\LolClient.exe"="D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Programme\League of Legends\Game\League of Legends.exe"="D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2010-09-08 16:32:15 ----D---- C:\Programme\Microsoft IntelliType Pro
2010-09-08 06:46:17 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
2010-09-08 06:46:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
2010-09-08 03:34:26 ----HD---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-08 03:34:20 ----HD---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-08 03:34:14 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2010-09-08 03:33:23 ----HD---- C:\WINDOWS\$NtUninstallKB981852$
2010-09-08 03:32:21 ----HD---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-08 03:18:13 ----HD---- C:\WINDOWS\$NtUninstallKB2160329$
2010-09-08 03:17:48 ----HD---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-08 03:03:52 ----HD---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-08 03:03:23 ----HD---- C:\WINDOWS\$NtUninstallKB981997$
2010-09-08 03:02:59 ----A---- C:\WINDOWS\imsins.BAK
2010-09-08 03:02:24 ----HD---- C:\WINDOWS\$NtUninstallKB982665$
2010-09-08 01:05:55 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
2010-09-08 00:54:39 ----SHD---- C:\Recycled
2010-09-07 23:51:29 ----A---- C:\ComboFix.txt
2010-09-07 23:25:36 ----A---- C:\Boot.bak
2010-09-07 23:25:31 ----RASHD---- C:\cmdcons
2010-09-07 23:21:19 ----A---- C:\WINDOWS\zip.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWSC.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWREG.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\sed.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\PEV.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\MBR.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\grep.exe
2010-09-07 23:20:37 ----D---- C:\WINDOWS\ERDNT
2010-09-07 23:16:35 ----D---- C:\Qoobox
2010-09-07 21:12:19 ----D---- C:\Programme\trend micro
2010-09-07 21:11:23 ----D---- C:\rsit
2010-09-07 17:06:29 ----D---- C:\WINDOWS\system32\Adobe
2010-09-07 16:59:37 ----D---- C:\Programme\Windows Sidebar
2010-09-07 16:59:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 16:56:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 23:29:18 ----D---- C:\_OTL
2010-09-06 22:16:47 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:28 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-06 22:16:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-06 16:35:22 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 16:07:54 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 20:38:39 ----A---- C:\WINDOWS\ModemLog_Standardmodem über Bluetooth-Verbindung.txt
2010-09-01 21:27:52 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 04:12:41 ----HD---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-01 04:06:53 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2010-09-01 03:50:49 ----D---- C:\WINDOWS\Globalization
2010-09-01 03:50:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 03:44:21 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-01 03:44:11 ----D---- C:\Programme\PC Connectivity Solution
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-01 03:40:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 18:33:32 ----D---- C:\FOUND.069
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\java.exe
2010-08-11 04:42:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 04:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard

======List of files/folders modified in the last 1 months======

2010-09-08 03:30:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRVIDEO.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\Brownie.ini
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRDIAG.INI
2010-09-07 23:40:32 ----A---- C:\WINDOWS\system.ini
2010-09-07 23:25:38 ----RASH---- C:\boot.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 gagp30kx;Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 SI3112r;ATI-437A Serial ATA Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-06-01 10240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth-Modemkommunikationstreiber; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-01 3134976]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-22 6144]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2010-07-21 21520]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-01-28 15232]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-01-28 26624]
R3 sftfs;sftfs; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys []
R3 sftplay;sftplay; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys []
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
R3 sftvol;sftvol; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys []
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-07-01 230272]
S2 int15.sys;int15.sys; \??\C:\Programme\Acer\eRecovery\int15.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
S3 AVerA700;A700 service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 catchme;catchme; \??\C:\cofi\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 ovt530;TM507A USB Camera; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys []
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH0464;SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-15 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cvhsvc;Client Virtualization Handler; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 sftlist;Application Virtualization Client; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-11 221184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 138168]
R3 sftvsa;Application Virtualization Service Agent; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe [2004-05-04 117760]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office  Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
--- --- ---

.Anti. 08.09.2010 18:07
Bitte schön!
Firefox und Thunderbird habe ich aktualisiert statt sie zu deinstallieren.
Geht ok, oder?

Code:
OTL logfile created on: 08.09.2010 19:04:55 - Run 2
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 19,08 Gb Free Space | 26,26% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 50,81 Gb Free Space | 69,17% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.08 19:04:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
PRC - [2010.09.08 18:33:53 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.07.21 17:07:04 | 001,778,064 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe
PRC - [2010.07.21 17:07:04 | 000,493,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
PRC - [2009.12.07 22:32:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
PRC - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007.06.16 12:50:28 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2005.06.27 14:32:28 | 000,278,528 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) -- D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
PRC - [2004.07.12 09:54:26 | 000,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.08 19:04:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.05.04 19:39:02 | 000,075,776 | ---- | M] () -- C:\Programme\TuneUp WinStyler\WinStylerThemeHelper.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009.09.26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.26 03:31:58 | 000,149,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2006.03.11 22:23:16 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.05.04 19:39:04 | 000,117,760 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ov530vid.sys -- (ovt530)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS -- (MTOnlPktAlyX)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Programme\Acer\eRecovery\int15.sys -- (int15.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys -- (DMSKSSRh)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\cofi\catchme.sys -- (catchme)
DRV - [2010.07.21 17:07:04 | 000,021,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.09.23 15:05:06 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2009.09.23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys -- (sftvol)
DRV - [2009.09.23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys -- (sftplay)
DRV - [2009.09.23 15:04:52 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys -- (sftfs)
DRV - [2009.06.15 22:23:50 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.05.11 09:12:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | Unknown | Stopped] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.04 09:27:20 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.10.31 20:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.04.13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007.10.12 03:40:00 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.05.22 06:40:30 | 000,017,152 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.05.05 05:53:30 | 000,985,472 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerBDA3x.sys -- (AVerA700)
DRV - [2005.11.03 16:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.22 07:38:00 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2005.07.01 06:30:32 | 000,230,272 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005.07.01 06:29:28 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.06.08 08:31:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.06.01 17:40:10 | 000,097,920 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2005.06.01 17:40:10 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2005.03.04 11:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.12.17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004.01.30 15:29:38 | 000,055,808 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH0464.sys -- (SaiH0464)
DRV - [2004.01.28 09:09:36 | 000,026,624 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiNtBus.sys -- (SaiNtBus)
DRV - [2004.01.28 09:09:34 | 000,015,232 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2000.07.24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "schueler.cc|travian.at|youtube.com"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.01 03:44:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2007.05.01 16:30:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2008.09.05 15:05:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.01 03:44:32 | 000,000,000 | ---D | M]
 
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions
[2010.09.08 18:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions
[2010.04.13 14:35:58 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.19 23:50:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 04:39:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.04.18 14:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\youtube2mp3@mondayx.de
[2010.09.08 16:16:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\9ochijs3.001\extensions
[2010.01.14 23:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions
[2010.04.11 18:03:30 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.11 15:12:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.17 14:48:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\Foxdie@tanjihay.com
 
O1 HOSTS File: ([2010.09.07 23:38:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [itype] C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [ICQ] D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Steam] d:\programme\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.22 07:38:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.01 14:36:42 | 000,000,098 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.08 19:04:19 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 18:15:05 | 000,926,032 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\Norton_Removal_Tool.exe
[2010.09.08 17:14:52 | 014,668,664 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\IPx86_1031_8.0.225.0.exe
[2010.09.08 16:34:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft IntelliPoint
[2010.09.08 16:32:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2010.09.08 16:29:34 | 014,880,640 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\ITPx86_1031_8.0.225.0.exe
[2010.09.08 06:46:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
[2010.09.08 06:46:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
[2010.09.08 06:45:30 | 000,958,856 | ---- | C] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\Ich\Desktop\SkypeSetup-Beta.exe
[2010.09.08 01:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
[2010.09.08 00:54:39 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.09.07 23:25:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.07 23:21:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.07 23:21:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.07 23:21:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.07 23:21:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.07 23:20:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.07 23:16:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.07 23:04:36 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ich\Recent
[2010.09.07 22:57:09 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Ich\Desktop\ccsetup235.exe
[2010.09.07 21:12:19 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.09.07 21:11:23 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.07 18:28:14 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.09.07 17:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010.09.07 17:06:22 | 004,747,136 | ---- | C] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\Shockwave_Installer_Slim.exe
[2010.09.07 16:59:37 | 000,000,000 | ---D | C] -- C:\Programme\Windows Sidebar
[2010.09.07 16:59:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2010.09.07 16:56:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2010.09.07 16:54:13 | 132,049,776 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.06 23:29:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.06 22:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.06 22:16:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.06 22:15:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
[2010.09.06 16:35:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
[2010.09.06 16:07:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 07:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Neuer Ordner
[2010.09.01 21:27:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.01 04:05:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
[2010.09.01 03:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010.09.01 03:50:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.09.01 03:50:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
[2010.09.01 03:44:21 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.09.01 03:44:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.01 03:43:22 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.09.01 03:43:22 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.09.01 03:43:22 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.09.01 03:40:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.08.21 18:33:32 | 000,000,000 | ---D | C] -- C:\FOUND.069
[2010.08.20 03:55:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.11 04:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:41:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
[2010.08.11 04:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
[2010.08.10 05:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Lil Wayne - The Blue Martian [Deluxe Edition] - Mixtape Evolution
[2007.05.31 19:23:56 | 001,673,576 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2007.05.31 19:23:56 | 000,503,144 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2007.05.31 19:23:56 | 000,077,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.08 19:04:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 18:50:22 | 000,012,718 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.08 18:50:16 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.09.08 18:47:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.08 18:47:46 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.08 18:47:46 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.08 18:46:32 | 000,004,661 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.08 18:46:28 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.dat
[2010.09.08 18:46:28 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.ini
[2010.09.08 18:22:10 | 000,071,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.08 18:15:06 | 000,926,032 | ---- | M] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\Norton_Removal_Tool.exe
[2010.09.08 18:14:12 | 000,897,643 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\registrycleaner_de.zip
[2010.09.08 17:15:04 | 014,668,664 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\IPx86_1031_8.0.225.0.exe
[2010.09.08 16:33:44 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 16:29:46 | 014,880,640 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\ITPx86_1031_8.0.225.0.exe
[2010.09.08 06:46:20 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 06:45:32 | 000,958,856 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\Ich\Desktop\SkypeSetup-Beta.exe
[2010.09.08 03:34:32 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 03:30:18 | 000,505,776 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.08 03:30:18 | 000,481,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.08 03:30:18 | 000,088,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.08 03:30:16 | 001,151,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.08 03:30:16 | 000,104,852 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.08 02:35:12 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Google Chrome.lnk
[2010.09.08 01:11:14 | 000,000,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.08 01:05:16 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.09.08 01:05:16 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BRDIAG.INI
[2010.09.08 01:05:16 | 000,000,011 | ---- | M] () -- C:\WINDOWS\BRVIDEO.INI
[2010.09.07 23:40:32 | 000,000,827 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.09.07 23:25:38 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010.09.07 22:58:46 | 000,000,562 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:57:14 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Ich\Desktop\ccsetup235.exe
[2010.09.07 22:55:06 | 003,840,033 | R--- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:10:56 | 000,339,991 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.07 18:02:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010.09.07 18:02:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010.09.07 17:48:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010.09.07 17:48:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010.09.07 17:35:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010.09.07 17:35:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010.09.07 17:22:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010.09.07 17:22:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010.09.07 17:13:46 | 000,000,692 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.07 17:13:46 | 000,000,222 | ---- | M] () -- C:\Boot.bak
[2010.09.07 17:08:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010.09.07 17:08:46 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010.09.07 17:06:26 | 004,747,136 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\Shockwave_Installer_Slim.exe
[2010.09.07 17:06:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010.09.07 17:06:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010.09.07 17:00:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2010.09.07 17:00:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010.09.07 16:56:08 | 132,049,776 | ---- | M] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.07 16:55:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010.09.07 16:55:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2010.09.07 16:42:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010.09.07 16:42:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2010.09.07 16:28:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010.09.07 16:28:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2010.09.07 16:28:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010.09.07 16:28:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2010.09.07 08:27:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010.09.07 08:27:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2010.09.07 08:13:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010.09.07 08:13:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2010.09.07 08:00:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010.09.07 08:00:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2010.09.07 07:47:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010.09.07 07:47:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2010.09.07 07:33:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010.09.07 07:33:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2010.09.07 07:20:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010.09.07 07:20:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010.09.07 07:07:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010.09.07 07:07:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010.09.07 07:06:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010.09.07 07:06:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010.09.07 02:13:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010.09.07 02:13:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010.09.06 22:16:34 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:28 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 16:34:58 | 000,000,542 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.06 16:07:44 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.01 04:13:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 03:50:42 | 000,001,880 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:10 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 17:30:56 | 000,031,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.08 18:14:15 | 000,897,643 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\registrycleaner_de.zip
[2010.09.08 16:33:42 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 06:46:19 | 000,001,872 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 03:02:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 01:11:13 | 000,000,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.07 23:25:36 | 000,000,222 | ---- | C] () -- C:\Boot.bak
[2010.09.07 23:25:34 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2010.09.07 23:21:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.07 23:21:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.07 23:21:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.07 23:21:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.07 23:21:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.07 22:58:45 | 000,000,562 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:55:05 | 003,840,033 | R--- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:11:00 | 000,339,991 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.06 23:38:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2010.09.06 23:19:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:54 | 000,000,232 | -H-- | C] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:38 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:38 | 000,000,232 | -H-- | C] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:08 | 000,000,232 | -H-- | C] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:34 | 000,000,232 | -H-- | C] () -- C:\sqmdata14.sqm
[2010.09.06 22:16:32 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:26 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:26 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:26 | 000,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:25 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:25 | 000,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:02 | 000,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:43 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:43 | 000,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:24 | 000,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:01 | 000,000,232 | -H-- | C] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:28 | 000,000,232 | -H-- | C] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:22 | 000,000,232 | -H-- | C] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:15 | 000,000,232 | -H-- | C] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:50 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:50 | 000,000,232 | -H-- | C] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:39 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:39 | 000,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2010.09.06 16:34:57 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.02 20:30:40 | 000,159,072 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.01 04:13:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 04:07:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 03:50:40 | 000,001,880 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:08 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 16:34:49 | 000,031,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[2009.12.30 14:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.12.30 14:27:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009.11.05 21:09:57 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb
[2009.06.15 11:30:37 | 000,002,876 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2008.12.26 21:27:55 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.06.30 19:50:08 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008.01.13 16:48:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2007.12.24 17:27:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007.08.01 17:29:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.05.31 19:43:44 | 000,703,258 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2007.05.31 19:43:42 | 001,611,772 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2007.05.31 19:43:42 | 000,701,218 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2007.05.31 19:43:40 | 001,610,203 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2007.05.31 19:43:40 | 000,200,646 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2007.05.31 19:43:40 | 000,155,892 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2007.05.31 19:43:38 | 000,044,687 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2007.05.31 19:23:58 | 000,086,401 | ---- | C] () -- C:\Programme\dxupdate.cab
[2007.05.31 19:23:56 | 001,413,862 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2007.05.31 19:23:56 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2007.05.31 19:23:56 | 001,128,177 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2007.05.31 19:23:56 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2007.05.31 19:23:56 | 000,183,321 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,181,745 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,138,977 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,134,631 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2007.05.31 19:23:56 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2007.05.31 19:23:54 | 001,610,958 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2007.05.31 19:23:54 | 001,609,639 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2007.05.31 19:23:54 | 001,575,336 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2007.05.31 19:23:54 | 001,572,114 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2007.05.31 19:23:54 | 001,363,684 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2007.05.31 19:23:54 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2007.05.31 19:23:54 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2007.05.31 19:23:54 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2007.05.31 19:23:54 | 001,085,608 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2007.05.31 19:23:54 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2007.05.31 19:23:54 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2007.05.31 19:23:54 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2007.05.31 19:23:54 | 000,699,465 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2007.05.31 19:23:54 | 000,213,767 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2007.05.31 19:23:54 | 000,199,366 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,198,275 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,193,435 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,192,680 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2007.05.31 19:23:54 | 000,183,863 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,179,247 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,154,825 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,151,583 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,146,559 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,138,195 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,133,297 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,100,417 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2007.05.31 19:23:54 | 000,088,102 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2007.05.31 19:23:54 | 000,056,902 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2007.05.31 19:23:54 | 000,047,018 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2007.05.31 19:23:52 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2007.05.31 19:23:52 | 004,163,518 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2007.05.31 19:23:52 | 001,398,718 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2007.05.31 19:23:52 | 001,348,242 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2007.05.31 19:23:52 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2007.05.31 19:23:52 | 001,116,109 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2007.05.31 19:23:52 | 001,079,850 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2007.05.31 19:23:52 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2007.05.31 19:23:52 | 000,917,318 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2007.05.31 19:23:52 | 000,702,212 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2007.05.31 19:23:52 | 000,180,021 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2007.05.31 19:23:52 | 000,133,991 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2007.05.31 19:23:52 | 000,087,989 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2007.05.31 19:23:52 | 000,046,898 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2007.03.04 21:35:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2007.02.03 23:04:37 | 000,000,214 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\xpy.ini
[2007.02.02 15:48:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.01.29 16:48:00 | 000,229,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.26 16:50:31 | 000,025,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\wklnhst.dat
[2007.01.26 16:46:15 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.12.24 18:19:50 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2006.12.24 18:18:44 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006.12.24 18:18:44 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006.12.24 18:18:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.12.24 18:18:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006.08.29 16:59:33 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006.08.29 16:59:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006.08.29 16:59:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006.08.29 16:59:06 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.08.24 15:50:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.08.24 15:50:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.08.19 12:45:25 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.15 21:24:23 | 000,002,927 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.11 19:57:47 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006.08.08 18:34:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2006.08.04 23:58:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.07.29 16:52:06 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SecurityandPrivacy2.ini
[2006.07.26 16:39:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006.05.17 21:31:20 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2006.04.13 14:38:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll
[2006.02.14 17:03:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.02.12 14:27:40 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Fahrenheit_Screen.ini
[2005.12.27 10:10:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.27 08:05:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005.10.28 19:32:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.22 07:38:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.10.22 07:34:05 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.10.22 07:34:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.10.22 07:29:22 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.22 07:23:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.10.22 07:13:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
< End of report >
--- --- ---

.Anti. 08.09.2010 20:46
Upps, iwie habe ich ja den Extra-Log vergessen :headbang:

Hier nochmal ein ganz aktueller Bericht, den oberen bitte nicht beachten ;)

OTL Logfile:
Code:
OTL logfile created on: 08.09.2010 21:43:38 - Run 3
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 19,03 Gb Free Space | 26,19% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 50,81 Gb Free Space | 69,17% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\mmc.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dfrgfat.exe (Microsoft Corporation und Executive Software International, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
PRC - D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\TuneUp WinStyler\WinStylerThemeHelper.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (cvhsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (TUWinStylerThemeSvc) -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe (TuneUp Software GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBAAPL) -- C:\WINDOWS\System32\Drivers\usbaapl.sys File not found
DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (SANDRA) -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys File not found
DRV - (Point32) -- C:\WINDOWS\System32\DRIVERS\point32.sys File not found
DRV - (ovt530) -- C:\WINDOWS\System32\Drivers\ov530vid.sys File not found
DRV - (MTOnlPktAlyX) -- D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS File not found
DRV - (int15.sys) -- C:\Programme\Acer\eRecovery\int15.sys File not found
DRV - (DMSKSSRh) -- C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys File not found
DRV - (catchme) -- C:\cofi\catchme.sys File not found
DRV - (NuidFltr) -- C:\WINDOWS\system32\drivers\nuidfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (Sftredir) -- C:\WINDOWS\system32\drivers\Sftredirxp.sys (Microsoft Corporation)
DRV - (sftvol) -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys (Microsoft Corporation)
DRV - (sftplay) -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys (Microsoft Corporation)
DRV - (sftfs) -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (amdide) -- C:\WINDOWS\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (MIINPazX) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys (T-Online International AG, Marmiko IT-Solutions GmbH)
DRV - (AVerA700) -- C:\WINDOWS\system32\drivers\AVerBDA3x.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SI3112r) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys (Silicon Image, Inc.)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (UBHelper) -- C:\WINDOWS\System32\drivers\UBHelper.sys ()
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SaiH0464) -- C:\WINDOWS\system32\drivers\SaiH0464.sys (Saitek)
DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiNtBus.sys (Saitek)
DRV - (SaiMini) -- C:\WINDOWS\system32\drivers\SaiMini.sys (Saitek)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (BrPar) -- C:\WINDOWS\System32\drivers\BrPar.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "schueler.cc|travian.at|youtube.com"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.01 03:44:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2007.05.01 16:30:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2008.09.05 15:05:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.01 03:44:32 | 000,000,000 | ---D | M]
 
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions
[2010.09.08 18:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions
[2010.04.13 14:35:58 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.19 23:50:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 04:39:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.04.18 14:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\youtube2mp3@mondayx.de
[2010.09.08 16:16:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\9ochijs3.001\extensions
[2010.01.14 23:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions
[2010.04.11 18:03:30 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.11 15:12:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.17 14:48:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\Foxdie@tanjihay.com
 
O1 HOSTS File: ([2010.09.07 23:38:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [itype] C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [ICQ] D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Steam] d:\programme\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [SWHelper] C:\WINDOWS\System32\Macromed\Shockwave 10\PostUpdate.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.22 07:38:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.01 14:36:42 | 000,000,098 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.08 19:04:19 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 18:15:05 | 000,926,032 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\Norton_Removal_Tool.exe
[2010.09.08 17:14:52 | 014,668,664 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\IPx86_1031_8.0.225.0.exe
[2010.09.08 16:34:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft IntelliPoint
[2010.09.08 16:32:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2010.09.08 16:29:34 | 014,880,640 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\ITPx86_1031_8.0.225.0.exe
[2010.09.08 06:46:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
[2010.09.08 06:46:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
[2010.09.08 06:45:30 | 000,958,856 | ---- | C] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\Ich\Desktop\SkypeSetup-Beta.exe
[2010.09.08 01:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
[2010.09.08 00:54:39 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.09.07 23:25:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.07 23:21:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.07 23:21:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.07 23:21:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.07 23:21:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.07 23:20:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.07 23:16:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.07 23:04:36 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ich\Recent
[2010.09.07 22:57:09 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Ich\Desktop\ccsetup235.exe
[2010.09.07 21:12:19 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.09.07 21:11:23 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.07 18:28:14 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.09.07 17:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010.09.07 17:06:22 | 004,747,136 | ---- | C] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\Shockwave_Installer_Slim.exe
[2010.09.07 16:59:37 | 000,000,000 | ---D | C] -- C:\Programme\Windows Sidebar
[2010.09.07 16:59:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2010.09.07 16:56:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2010.09.07 16:54:13 | 132,049,776 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.06 23:29:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.06 22:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.06 22:16:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.06 22:15:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
[2010.09.06 16:35:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
[2010.09.06 16:07:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 07:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Neuer Ordner
[2010.09.01 21:27:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.01 04:05:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
[2010.09.01 03:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010.09.01 03:50:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.09.01 03:50:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
[2010.09.01 03:44:21 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.09.01 03:44:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.01 03:43:22 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.09.01 03:43:22 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.09.01 03:43:22 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.09.01 03:40:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.08.21 18:33:32 | 000,000,000 | ---D | C] -- C:\FOUND.069
[2010.08.20 03:55:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.11 04:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:41:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
[2010.08.11 04:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
[2010.08.10 05:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Lil Wayne - The Blue Martian [Deluxe Edition] - Mixtape Evolution
[2007.05.31 19:23:56 | 001,673,576 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2007.05.31 19:23:56 | 000,503,144 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2007.05.31 19:23:56 | 000,077,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.08 19:04:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 18:50:22 | 000,012,718 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.08 18:50:16 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.09.08 18:47:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.08 18:47:46 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.08 18:47:46 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.08 18:46:32 | 000,004,661 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.08 18:46:28 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.dat
[2010.09.08 18:46:28 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.ini
[2010.09.08 18:22:10 | 000,071,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.08 18:15:06 | 000,926,032 | ---- | M] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\Norton_Removal_Tool.exe
[2010.09.08 18:14:12 | 000,897,643 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\registrycleaner_de.zip
[2010.09.08 17:15:04 | 014,668,664 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\IPx86_1031_8.0.225.0.exe
[2010.09.08 16:33:44 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 16:29:46 | 014,880,640 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\ITPx86_1031_8.0.225.0.exe
[2010.09.08 06:46:20 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 06:45:32 | 000,958,856 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\Ich\Desktop\SkypeSetup-Beta.exe
[2010.09.08 03:34:32 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 03:30:18 | 000,505,776 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.08 03:30:18 | 000,481,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.08 03:30:18 | 000,088,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.08 03:30:16 | 001,151,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.08 03:30:16 | 000,104,852 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.08 02:35:12 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Google Chrome.lnk
[2010.09.08 01:11:14 | 000,000,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.08 01:05:16 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.09.08 01:05:16 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BRDIAG.INI
[2010.09.08 01:05:16 | 000,000,011 | ---- | M] () -- C:\WINDOWS\BRVIDEO.INI
[2010.09.07 23:40:32 | 000,000,827 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.09.07 23:25:38 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010.09.07 22:58:46 | 000,000,562 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:57:14 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Ich\Desktop\ccsetup235.exe
[2010.09.07 22:55:06 | 003,840,033 | R--- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:10:56 | 000,339,991 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.07 18:02:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010.09.07 18:02:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010.09.07 17:48:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010.09.07 17:48:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010.09.07 17:35:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010.09.07 17:35:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010.09.07 17:22:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010.09.07 17:22:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010.09.07 17:13:46 | 000,000,692 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.07 17:13:46 | 000,000,222 | ---- | M] () -- C:\Boot.bak
[2010.09.07 17:08:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010.09.07 17:08:46 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010.09.07 17:06:26 | 004,747,136 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\Shockwave_Installer_Slim.exe
[2010.09.07 17:06:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010.09.07 17:06:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010.09.07 17:00:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2010.09.07 17:00:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010.09.07 16:56:08 | 132,049,776 | ---- | M] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.07 16:55:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010.09.07 16:55:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2010.09.07 16:42:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010.09.07 16:42:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2010.09.07 16:28:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010.09.07 16:28:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2010.09.07 16:28:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010.09.07 16:28:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2010.09.07 08:27:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010.09.07 08:27:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2010.09.07 08:13:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010.09.07 08:13:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2010.09.07 08:00:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010.09.07 08:00:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2010.09.07 07:47:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010.09.07 07:47:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2010.09.07 07:33:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010.09.07 07:33:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2010.09.07 07:20:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010.09.07 07:20:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010.09.07 07:07:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010.09.07 07:07:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010.09.07 07:06:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010.09.07 07:06:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010.09.07 02:13:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010.09.07 02:13:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010.09.06 22:16:34 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:28 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 16:34:58 | 000,000,542 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.06 16:07:44 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.01 04:13:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 03:50:42 | 000,001,880 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:10 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 17:30:56 | 000,031,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.08 18:14:15 | 000,897,643 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\registrycleaner_de.zip
[2010.09.08 16:33:42 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 06:46:19 | 000,001,872 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 03:02:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 01:11:13 | 000,000,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.07 23:25:36 | 000,000,222 | ---- | C] () -- C:\Boot.bak
[2010.09.07 23:25:34 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2010.09.07 23:21:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.07 23:21:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.07 23:21:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.07 23:21:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.07 23:21:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.07 22:58:45 | 000,000,562 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:55:05 | 003,840,033 | R--- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:11:00 | 000,339,991 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.06 23:38:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2010.09.06 23:19:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:54 | 000,000,232 | -H-- | C] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:38 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:38 | 000,000,232 | -H-- | C] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:08 | 000,000,232 | -H-- | C] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:34 | 000,000,232 | -H-- | C] () -- C:\sqmdata14.sqm
[2010.09.06 22:16:32 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:26 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:26 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:26 | 000,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:25 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:25 | 000,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:02 | 000,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:43 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:43 | 000,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:24 | 000,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:01 | 000,000,232 | -H-- | C] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:28 | 000,000,232 | -H-- | C] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:22 | 000,000,232 | -H-- | C] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:15 | 000,000,232 | -H-- | C] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:50 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:50 | 000,000,232 | -H-- | C] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:39 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:39 | 000,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2010.09.06 16:34:57 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.02 20:30:40 | 000,159,072 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.01 04:13:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 04:07:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 03:50:40 | 000,001,880 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:08 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 16:34:49 | 000,031,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[2009.12.30 14:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.12.30 14:27:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009.11.05 21:09:57 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb
[2009.06.15 11:30:37 | 000,002,876 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2008.12.26 21:27:55 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.06.30 19:50:08 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008.01.13 16:48:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2007.12.24 17:27:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007.08.01 17:29:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.05.31 19:43:44 | 000,703,258 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2007.05.31 19:43:42 | 001,611,772 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2007.05.31 19:43:42 | 000,701,218 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2007.05.31 19:43:40 | 001,610,203 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2007.05.31 19:43:40 | 000,200,646 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2007.05.31 19:43:40 | 000,155,892 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2007.05.31 19:43:38 | 000,044,687 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2007.05.31 19:23:58 | 000,086,401 | ---- | C] () -- C:\Programme\dxupdate.cab
[2007.05.31 19:23:56 | 001,413,862 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2007.05.31 19:23:56 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2007.05.31 19:23:56 | 001,128,177 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2007.05.31 19:23:56 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2007.05.31 19:23:56 | 000,183,321 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,181,745 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,138,977 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,134,631 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2007.05.31 19:23:56 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2007.05.31 19:23:54 | 001,610,958 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2007.05.31 19:23:54 | 001,609,639 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2007.05.31 19:23:54 | 001,575,336 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2007.05.31 19:23:54 | 001,572,114 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2007.05.31 19:23:54 | 001,363,684 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2007.05.31 19:23:54 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2007.05.31 19:23:54 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2007.05.31 19:23:54 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2007.05.31 19:23:54 | 001,085,608 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2007.05.31 19:23:54 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2007.05.31 19:23:54 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2007.05.31 19:23:54 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2007.05.31 19:23:54 | 000,699,465 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2007.05.31 19:23:54 | 000,213,767 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2007.05.31 19:23:54 | 000,199,366 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,198,275 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,193,435 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,192,680 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2007.05.31 19:23:54 | 000,183,863 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,179,247 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,154,825 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,151,583 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,146,559 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,138,195 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,133,297 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,100,417 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2007.05.31 19:23:54 | 000,088,102 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2007.05.31 19:23:54 | 000,056,902 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2007.05.31 19:23:54 | 000,047,018 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2007.05.31 19:23:52 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2007.05.31 19:23:52 | 004,163,518 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2007.05.31 19:23:52 | 001,398,718 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2007.05.31 19:23:52 | 001,348,242 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2007.05.31 19:23:52 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2007.05.31 19:23:52 | 001,116,109 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2007.05.31 19:23:52 | 001,079,850 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2007.05.31 19:23:52 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2007.05.31 19:23:52 | 000,917,318 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2007.05.31 19:23:52 | 000,702,212 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2007.05.31 19:23:52 | 000,180,021 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2007.05.31 19:23:52 | 000,133,991 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2007.05.31 19:23:52 | 000,087,989 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2007.05.31 19:23:52 | 000,046,898 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2007.03.04 21:35:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2007.02.03 23:04:37 | 000,000,214 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\xpy.ini
[2007.02.02 15:48:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.01.29 16:48:00 | 000,229,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.26 16:50:31 | 000,025,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\wklnhst.dat
[2007.01.26 16:46:15 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.12.24 18:19:50 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2006.12.24 18:18:44 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006.12.24 18:18:44 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006.12.24 18:18:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.12.24 18:18:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006.08.29 16:59:33 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006.08.29 16:59:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006.08.29 16:59:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006.08.29 16:59:06 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.08.24 15:50:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.08.24 15:50:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.08.19 12:45:25 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.15 21:24:23 | 000,002,927 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.11 19:57:47 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006.08.08 18:34:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2006.08.04 23:58:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.07.29 16:52:06 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SecurityandPrivacy2.ini
[2006.07.26 16:39:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006.05.17 21:31:20 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2006.04.13 14:38:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll
[2006.02.14 17:03:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.02.12 14:27:40 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Fahrenheit_Screen.ini
[2005.12.27 10:10:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.27 08:05:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005.10.28 19:32:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.22 07:38:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.10.22 07:34:05 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.10.22 07:34:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.10.22 07:29:22 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.22 07:23:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.10.22 07:13:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
 
========== LOP Check ==========
 
[2006.02.14 17:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eConsole
[2006.06.15 18:10:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2006.07.31 14:33:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2006.07.31 14:36:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online DSL-Manager
[2008.04.17 14:58:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Software4u
[2008.08.12 13:45:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2008.08.12 13:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.01.11 02:56:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2009.07.28 15:06:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2009.12.24 19:54:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010.02.22 21:03:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.03.17 00:58:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VirtualizedApplications
[2010.05.25 21:05:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2010.09.01 03:40:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.09.01 03:50:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2007.01.26 16:46:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQLite
[2007.01.26 16:50:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Template
[2007.01.26 16:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\MSNInstaller
[2007.02.02 16:02:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ Toolbar
[2007.02.06 21:38:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\T-Online
[2007.02.13 15:41:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Petroglyph
[2007.05.01 16:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Thunderbird
[2007.10.03 20:10:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\LimeWire
[2008.03.20 20:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\FileZilla
[2008.04.17 14:58:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Software4u
[2008.08.12 13:48:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\PC Suite
[2008.08.12 13:48:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia
[2008.11.18 16:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\SendSpace Wizard
[2009.03.25 14:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TeamViewer
[2009.06.15 22:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DAEMON Tools
[2009.06.17 20:29:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\NewsLeecher
[2009.07.28 14:59:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Azureus
[2009.09.27 14:50:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Radmin
[2009.10.14 20:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TweakNow RegCleaner
[2009.10.14 20:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ(2)
[2009.10.17 21:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ(3)
[2009.10.17 23:01:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ
[2010.03.16 22:44:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TP
[2010.03.16 22:47:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\SoftGrid Client
[2010.03.16 22:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\NVD
[2010.05.25 15:25:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\LolClient
[2010.09.01 21:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.06 16:07:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 16:35:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---


OTL Logfile:
Code:
OTL Extras logfile created on: 08.09.2010 21:43:38 - Run 3
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 19,03 Gb Free Space | 26,19% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 50,81 Gb Free Space | 69,17% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher
"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII -- ()
"C:\WINDOWS\System32\dplaysvr.exe" = C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe" = D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0 -- (T-Online International AG)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programme\Counter-Strike 1.6\hl.exe" = D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"D:\Programme\Azureus\Azureus.exe" = D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe" = C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends -- (Big Huge Games, Inc.)
"D:\Programme\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- File not found
"C:\Programme\TMbot\TM.EXE" = C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot -- File not found
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- File not found
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"D:\Programme\League of Legends\Air\LolClient.exe" = D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- File not found
"D:\Programme\League of Legends\Game\League of Legends.exe" = D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe" = C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}" = SST Programming Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0863885D-E64B-9E5A-9747-03321A2D2A49}" = CCC Help Korean
"{0C40E716-2558-01E2-4797-484E4CCB2500}" = Catalyst Control Center Localization All
"{10FDD69C-2428-0FFB-12A2-2A6907D6282F}" = CCC Help Japanese
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{139DEC1F-D380-EB76-B0DF-88BC99B3B7BB}" = Catalyst Control Center Graphics Light
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{20140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - Deutsch
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2347E903-6299-A99F-C46C-05EB55912539}" = CCC Help Chinese Traditional
"{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}" = T-Online Router Web-IF Management
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2B3A996D-CCBF-3D62-B0AD-EA05553D3CEE}" = CCC Help Chinese Standard
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{300D2ECE-DA75-1623-871F-935A205FC450}" = CCC Help German
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}" = Pacz
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF8A8A5-B3EA-6073-0457-669CC1E929C8}" = CCC Help Hungarian
"{501C0FDB-DCA5-E211-956C-26ADC4C54B66}" = Catalyst Control Center Core Implementation
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{57F85CF9-B9EF-6C77-8095-A2CF95738099}" = CCC Help Danish
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63A17691-ABC0-E86F-5D7A-A2F7EE36145E}" = CCC Help Dutch
"{6501E9B8-77C7-7D81-7F1A-4C2D7E36B403}" = CCC Help Italian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE7F94E-7AF8-421F-9A19-04681A099AE3}" = TuneUp WinStyler
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A5824D-08E9-9A96-2104-19E4FE86E5FA}" = CCC Help Spanish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7907CAB0-6C4F-C554-34EA-93EAC98B42F9}" = CCC Help Turkish
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{82982D26-D60E-27D8-361F-F14A8F6440E7}" = Catalyst Control Center HydraVision Full
"{87934EAD-CE6F-16C6-6004-73E092AA15A6}" = Catalyst Control Center Graphics Previews Common
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89B80F72-CCD0-95C3-21CB-89BA03D98155}" = CCC Help Finnish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{90120407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{906D95BA-4515-59A5-F2E4-072B1E73BB75}" = CCC Help English
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8BE52A-2C9A-91F2-310E-560CCE4FD247}" = CCC Help Russian
"{A0D62771-4353-8D52-44B8-0FCFF07D5FF1}" = ccc-core-preinstall
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE78AD-093F-57F1-280D-A31B0C1C1425}" = CCC Help Greek
"{A41A9C99-0029-783E-40C3-3AA0D1A6535D}" = CCC Help Polish
"{A680CE58-7B2C-9A45-D05F-5AC22DFA2F76}" = CCC Help Portuguese
"{A97B911E-8B1F-3B0F-F3D1-63B04084CC0F}" = Skins
"{AD3AE2EE-E0DB-7818-3F05-7E8B2FB22C49}" = CCC Help Norwegian
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B414174C-97E4-9E8B-018E-AC77055D0107}" = CCC Help Thai
"{B6D0AACC-1F01-A901-5348-FF3599EFE70D}" = CCC Help French
"{B98604A2-5229-CBE6-98A4-A6D7C63B7458}" = ccc-utility
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBD1A47D-691E-56C2-AC6A-1B3F80E3EC14}" = CCC Help Swedish
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D34313F7-B5E2-D3AF-FBB1-EF3ED1DEF5AB}" = CCC Help Czech
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{E3A6437F-DE5B-6F3E-7BB3-39185D0BBDCE}" = ccc-core-static
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB1446FB-A3EF-D04D-C224-EEC74F11805F}" = Catalyst Control Center Graphics Full New
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F27483DD-A574-441E-AC55-69625B58D562}" = Brother HL-2035
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FE931AAE-B6D9-8A02-60C7-EF4862306F58}" = Catalyst Control Center Graphics Full Existing
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)
"Cossacks : Back To War" = Cossacks - Back To War
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.12)" = Mozilla Firefox (3.5.12)
"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 4" = TeamViewer 4
"Uninstall_is1" = Uninstall 1.0.0.1
"VP3 Codec Version 3.2.6.1" = VP3 Codec Version 3.2.6.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.09.2010 14:28:39 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:01 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 07.09.2010 14:41:07 | Computer Name = FINN | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 07.09.2010 14:41:07 | Computer Name = FINN | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 07.09.2010 17:31:29 | Computer Name = FINN | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {20140062-0062-0407-0000-0000000FF1CE}):
 DownloadLatest Failed:
 
Error - 07.09.2010 18:50:42 | Computer Name = FINN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung javara.exe, Version 1.16.1.1763, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
 
Error - 08.09.2010 10:48:11 | Computer Name = FINN | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Standard -- Fehler 1706. Setup kann die
 benötigten Dateien nicht finden. Überprüfen Sie Ihre Verbindung mit dem Netzwerk
 oder dem CD-ROM-Laufwerk. Um mehr über mögliche Lösungen für dieses Problem zu
erfahren, sehen sie bitte nach in C:\Programme\Microsoft Office\Office10\1031\SETUP.HLP.
 
Error - 08.09.2010 10:48:12 | Computer Name = FINN | Source = MsiInstaller | ID = 1024
Description = Produkt: Microsoft Office XP Standard - Update "{4757E865-0292-4E04-940D-9C51052A5DD6}"
 konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle
 erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen
 behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung
 der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
 
[ System Events ]
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:11 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:49:02 | Computer Name = FINN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "int15.sys" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%3
 
Error - 08.09.2010 12:49:02 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:49:24 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp WinStyler Theme Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
 
 
< End of report >
--- --- ---

.Anti. 09.09.2010 14:27
Hmm, mir ist aufgefallen, dass die Lautstärkesteuerung meiner Tastatur nicht mehr funktioniert... habe Treiber und den Krams schon neuinstalliert.

Kann das hiermit zu tun haben oder ist das eher ein Hardwareproblem?

Lg Finn

john.doe 09.09.2010 17:24
Zitat:
Geht ok, oder?
Auch wenn es zu funktionieren scheint, vetrau meiner Erfahrung und die heißt: Deinstallieren, Neuinstallieren.

Hast du dich wirklich an meine Anweisungen gehalten? Dort ist noch immer die Askbar zu sehen! (nicht wirklich schädlich, aber Adware, deshalb weg damit!)

OK, dann auf den traditionellen Weg:

1.) Starte HJT => Do a system scan only => Markiere
Code:
Alle R0, R1, R3, O2, O3, O9 und O16-Einträge
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ7.0\ICQ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
=> Fix checked => Neustart

2.) Nach dieser Löschorgie brauche ich neue Logs von RSIT und OTL.

3.)
Zitat:
Hmm, mir ist aufgefallen, dass die Lautstärkesteuerung meiner Tastatur nicht mehr funktioniert...
ComboFix ist recht brutal und setzt viele Standardeinstellungen zurück. Ich benutze es wirklich nur im Notfall. CF zerschießt gerne Treiber, aber immer noch besser als Schädlinge auf dem Rechner. Um solche "Kleinigkeiten" kümmern wir uns zum Schluss.

ciao, andreas

.Anti. 09.09.2010 19:28
Den Askbar konnte ich leider nicht entfernen...
Weder über Programme noch per Suche... kA wie ich den wegbekommen soll...

Werde dann vor dem Fix noch Firefox und Thunderbird entfernen.

Ich melde mich, wenn ich fertig bin :)

Edit:

Soll ich eigentlich stattdessen Internet Explorer installieren? Oder mir schon das Firefox Setup downloaden? Ich komme ja sonst gar nicht mehr ins Internet ohne Browser, oder?

.Anti. 09.09.2010 20:01
RSIT Logfile:
RSIT Logfile:
Code:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ich at 2010-09-09 21:00:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (26%) free of 74 GB
Total RAM: 1534 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:27, on 09.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\rundll32.exe
D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programme\ICQ7.0\ICQ.exe
D:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\trend micro\Ich.exe

O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'Default user')
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 4622 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ToADiMon.exe"=D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-01 14477312]
"StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"itype"=C:\Programme\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-16 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
C:\Programme\Saitek\Software\Profiler.exe [2004-01-28 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
C:\Programme\Saitek\Software\SaiSmart.exe [2004-01-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe -d 803617 -l german -r 7 -g  -c us -i 2309 []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Programme\TeamViewer\Version4\TeamViewer.exe"="C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programme\Counter-Strike 1.6\hl.exe"="D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Azureus\Azureus.exe"="D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"D:\Programme\ICQ6.5\ICQ.exe"="D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Programme\TMbot\TM.EXE"="C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot"
"D:\Programme\Anno 1701\Anno1701.exe"="D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"D:\Programme\League of Legends\Air\LolClient.exe"="D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Programme\League of Legends\Game\League of Legends.exe"="D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Dokumente und Einstellungen\Ich\Desktop\Warcraft3\Warcraft III.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Warcraft3\Warcraft III.exe:*:Disabled:Warcraft III"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2010-09-08 16:32:15 ----D---- C:\Programme\Microsoft IntelliType Pro
2010-09-08 06:46:17 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
2010-09-08 06:46:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
2010-09-08 03:34:26 ----HD---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-08 03:34:20 ----HD---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-08 03:34:14 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2010-09-08 03:33:23 ----HD---- C:\WINDOWS\$NtUninstallKB981852$
2010-09-08 03:32:21 ----HD---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-08 03:18:13 ----HD---- C:\WINDOWS\$NtUninstallKB2160329$
2010-09-08 03:17:48 ----HD---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-08 03:03:52 ----HD---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-08 03:03:23 ----HD---- C:\WINDOWS\$NtUninstallKB981997$
2010-09-08 03:02:59 ----A---- C:\WINDOWS\imsins.BAK
2010-09-08 03:02:24 ----HD---- C:\WINDOWS\$NtUninstallKB982665$
2010-09-08 01:05:55 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
2010-09-08 00:54:39 ----SHD---- C:\Recycled
2010-09-07 23:51:29 ----A---- C:\ComboFix.txt
2010-09-07 23:25:36 ----A---- C:\Boot.bak
2010-09-07 23:25:31 ----RASHD---- C:\cmdcons
2010-09-07 23:21:19 ----A---- C:\WINDOWS\zip.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWSC.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWREG.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\sed.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\PEV.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\MBR.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\grep.exe
2010-09-07 23:20:37 ----D---- C:\WINDOWS\ERDNT
2010-09-07 23:16:35 ----D---- C:\Qoobox
2010-09-07 21:12:19 ----D---- C:\Programme\trend micro
2010-09-07 21:11:23 ----D---- C:\rsit
2010-09-07 17:06:29 ----D---- C:\WINDOWS\system32\Adobe
2010-09-07 16:59:37 ----D---- C:\Programme\Windows Sidebar
2010-09-07 16:59:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 16:56:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 23:29:18 ----D---- C:\_OTL
2010-09-06 22:16:47 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:28 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-06 22:16:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-06 16:35:22 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 16:07:54 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 20:38:39 ----A---- C:\WINDOWS\ModemLog_Standardmodem über Bluetooth-Verbindung.txt
2010-09-01 21:27:52 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 04:12:41 ----HD---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-01 04:06:53 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2010-09-01 03:50:49 ----D---- C:\WINDOWS\Globalization
2010-09-01 03:50:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 03:44:21 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-01 03:44:11 ----D---- C:\Programme\PC Connectivity Solution
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-01 03:40:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 18:33:32 ----D---- C:\FOUND.069
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\java.exe
2010-08-11 04:42:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 04:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard

======List of files/folders modified in the last 1 months======

2010-09-08 03:30:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRVIDEO.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\Brownie.ini
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRDIAG.INI
2010-09-07 23:40:32 ----A---- C:\WINDOWS\system.ini
2010-09-07 23:25:38 ----RASH---- C:\boot.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 gagp30kx;Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 SI3112r;ATI-437A Serial ATA Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-06-01 10240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth-Modemkommunikationstreiber; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-01 3134976]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-22 6144]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2010-07-21 21520]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-01-28 15232]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-01-28 26624]
R3 sftfs;sftfs; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys []
R3 sftplay;sftplay; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys []
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
R3 sftvol;sftvol; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys []
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-07-01 230272]
S2 int15.sys;int15.sys; \??\C:\Programme\Acer\eRecovery\int15.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
S3 AVerA700;A700 service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 catchme;catchme; \??\C:\cofi\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 ovt530;TM507A USB Camera; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys []
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH0464;SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-15 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cvhsvc;Client Virtualization Handler; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 sftlist;Application Virtualization Client; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
R2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe [2004-05-04 117760]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-11 221184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 sftvsa;Application Virtualization Service Agent; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office  Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
--- --- ---

.Anti. 09.09.2010 20:09
Und hier die OTL Logs:

OTL Logfile:
Code:
OTL logfile created on: 09.09.2010 21:06:46 - Run 4
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 19,05 Gb Free Space | 26,22% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 50,81 Gb Free Space | 69,17% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
PRC - D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe (TuneUp Software GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\TuneUp WinStyler\WinStylerThemeHelper.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (cvhsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (TUWinStylerThemeSvc) -- C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe (TuneUp Software GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBAAPL) -- C:\WINDOWS\System32\Drivers\usbaapl.sys File not found
DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (SANDRA) -- D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys File not found
DRV - (Point32) -- C:\WINDOWS\System32\DRIVERS\point32.sys File not found
DRV - (ovt530) -- C:\WINDOWS\System32\Drivers\ov530vid.sys File not found
DRV - (MTOnlPktAlyX) -- D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS File not found
DRV - (int15.sys) -- C:\Programme\Acer\eRecovery\int15.sys File not found
DRV - (DMSKSSRh) -- C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys File not found
DRV - (catchme) -- C:\cofi\catchme.sys File not found
DRV - (NuidFltr) -- C:\WINDOWS\system32\drivers\nuidfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (Sftredir) -- C:\WINDOWS\system32\drivers\Sftredirxp.sys (Microsoft Corporation)
DRV - (sftvol) -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys (Microsoft Corporation)
DRV - (sftplay) -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys (Microsoft Corporation)
DRV - (sftfs) -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (amdide) -- C:\WINDOWS\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (MIINPazX) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys (T-Online International AG, Marmiko IT-Solutions GmbH)
DRV - (AVerA700) -- C:\WINDOWS\system32\drivers\AVerBDA3x.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SI3112r) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys (Silicon Image, Inc.)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (UBHelper) -- C:\WINDOWS\System32\drivers\UBHelper.sys ()
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SaiH0464) -- C:\WINDOWS\system32\drivers\SaiH0464.sys (Saitek)
DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiNtBus.sys (Saitek)
DRV - (SaiMini) -- C:\WINDOWS\system32\drivers\SaiMini.sys (Saitek)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (BrPar) -- C:\WINDOWS\System32\drivers\BrPar.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "schueler.cc|travian.at|youtube.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.01 03:44:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.09.08 18:34:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.01 03:44:32 | 000,000,000 | ---D | M]
 
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions
[2010.09.08 18:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.13 14:06:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions
[2010.04.13 14:35:58 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.19 23:50:02 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 04:39:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.04.18 14:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\extensions\youtube2mp3@mondayx.de
[2010.09.08 16:16:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\9ochijs3.001\extensions
[2010.01.14 23:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions
[2010.04.11 18:03:30 | 000,000,000 | ---D | M] (Linkification) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.09.06 16:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.11 15:12:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.17 14:48:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\cg7plwxo.default\extensions\Foxdie@tanjihay.com
 
O1 HOSTS File: ([2010.09.07 23:38:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [itype] C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (T-Online International AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.22 07:38:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.01 14:36:42 | 000,000,098 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.09 20:44:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Oberon Media
[2010.09.09 20:42:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\backups
[2010.09.09 20:38:00 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\HiJackThis204.exe
[2010.09.08 19:04:19 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 16:34:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft IntelliPoint
[2010.09.08 16:32:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2010.09.08 06:46:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
[2010.09.08 06:46:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
[2010.09.08 01:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
[2010.09.08 00:54:39 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.09.07 23:25:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.07 23:21:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.07 23:21:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.07 23:21:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.07 23:21:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.07 23:20:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.07 23:16:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.07 23:04:36 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ich\Recent
[2010.09.07 21:12:19 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.09.07 21:11:23 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.07 18:28:14 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.09.07 17:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010.09.07 16:59:37 | 000,000,000 | ---D | C] -- C:\Programme\Windows Sidebar
[2010.09.07 16:59:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2010.09.07 16:56:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2010.09.07 16:54:13 | 132,049,776 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.06 23:29:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.06 22:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.06 22:16:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.06 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.06 22:15:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\MFTools
[2010.09.06 16:35:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
[2010.09.06 16:07:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 07:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Desktop\Neuer Ordner
[2010.09.01 21:27:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.01 04:05:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
[2010.09.01 03:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010.09.01 03:50:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.09.01 03:50:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
[2010.09.01 03:44:21 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.09.01 03:44:11 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.09.01 03:43:22 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.09.01 03:43:22 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.09.01 03:43:22 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.09.01 03:40:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.08.21 18:33:32 | 000,000,000 | ---D | C] -- C:\FOUND.069
[2010.08.20 03:55:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.20 03:55:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.11 04:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
[2010.08.11 04:41:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard
[2010.08.11 04:41:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
[2007.05.31 19:23:56 | 001,673,576 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2007.05.31 19:23:56 | 000,503,144 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2007.05.31 19:23:56 | 000,077,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.09 20:51:34 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.09.09 20:50:24 | 000,012,718 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.09 20:50:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.09 20:50:12 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.09 20:48:56 | 000,004,661 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.09 20:48:52 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.dat
[2010.09.09 20:48:52 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ich\ntuser.ini
[2010.09.09 20:37:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Ich\Desktop\HiJackThis204.exe
[2010.09.08 19:04:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ich\Desktop\OTL.exe
[2010.09.08 18:47:46 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.08 18:22:10 | 000,071,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.08 16:33:44 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 06:46:20 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 03:34:32 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 03:30:18 | 000,505,776 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.08 03:30:18 | 000,481,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.08 03:30:18 | 000,088,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.08 03:30:16 | 001,151,674 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.08 03:30:16 | 000,104,852 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.08 02:35:12 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Google Chrome.lnk
[2010.09.08 01:11:14 | 000,000,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.08 01:05:16 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.09.08 01:05:16 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BRDIAG.INI
[2010.09.08 01:05:16 | 000,000,011 | ---- | M] () -- C:\WINDOWS\BRVIDEO.INI
[2010.09.07 23:40:32 | 000,000,827 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.09.07 23:25:38 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010.09.07 22:58:46 | 000,000,562 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:55:06 | 003,840,033 | R--- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:10:56 | 000,339,991 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.07 18:02:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010.09.07 18:02:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010.09.07 17:48:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010.09.07 17:48:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010.09.07 17:35:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010.09.07 17:35:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010.09.07 17:22:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010.09.07 17:22:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010.09.07 17:13:46 | 000,000,692 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.07 17:13:46 | 000,000,222 | ---- | M] () -- C:\Boot.bak
[2010.09.07 17:08:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010.09.07 17:08:46 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010.09.07 17:06:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010.09.07 17:06:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010.09.07 17:00:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2010.09.07 17:00:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010.09.07 16:56:08 | 132,049,776 | ---- | M] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Ich\Desktop\TT_159_SYMTB_TMD.exe
[2010.09.07 16:55:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010.09.07 16:55:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2010.09.07 16:42:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010.09.07 16:42:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2010.09.07 16:28:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010.09.07 16:28:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2010.09.07 16:28:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010.09.07 16:28:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2010.09.07 08:27:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010.09.07 08:27:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2010.09.07 08:13:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010.09.07 08:13:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2010.09.07 08:00:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010.09.07 08:00:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2010.09.07 07:47:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010.09.07 07:47:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2010.09.07 07:33:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010.09.07 07:33:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2010.09.07 07:20:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010.09.07 07:20:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010.09.07 07:07:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010.09.07 07:07:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010.09.07 07:06:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010.09.07 07:06:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010.09.07 02:13:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010.09.07 02:13:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010.09.06 22:16:34 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:28 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 16:34:58 | 000,000,542 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.06 16:07:44 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\DVDVideoSoft Free Studio.lnk
[2010.09.01 04:13:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 04:07:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 03:50:42 | 000,001,880 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:10 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 17:30:56 | 000,031,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.08 16:33:42 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2010.09.08 16:32:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2010.09.08 06:46:19 | 000,001,872 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.08 03:02:59 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 01:11:13 | 000,000,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Eigene Dateien\Meine freigegebenen Ordner.lnk
[2010.09.07 23:25:36 | 000,000,222 | ---- | C] () -- C:\Boot.bak
[2010.09.07 23:25:34 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2010.09.07 23:21:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.07 23:21:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.07 23:21:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.07 23:21:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.07 23:21:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.07 22:58:45 | 000,000,562 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\CCleaner.lnk
[2010.09.07 22:55:05 | 003,840,033 | R--- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\cofi.exe
[2010.09.07 21:11:00 | 000,339,991 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
[2010.09.06 23:38:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2010.09.06 23:38:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2010.09.06 23:19:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2010.09.06 23:19:51 | 000,000,232 | -H-- | C] () -- C:\sqmdata18.sqm
[2010.09.06 23:15:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2010.09.06 23:15:54 | 000,000,232 | -H-- | C] () -- C:\sqmdata17.sqm
[2010.09.06 23:06:38 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2010.09.06 23:06:38 | 000,000,232 | -H-- | C] () -- C:\sqmdata16.sqm
[2010.09.06 22:53:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2010.09.06 22:53:08 | 000,000,232 | -H-- | C] () -- C:\sqmdata15.sqm
[2010.09.06 22:45:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2010.09.06 22:45:34 | 000,000,232 | -H-- | C] () -- C:\sqmdata14.sqm
[2010.09.06 22:16:32 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 22:15:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\defogger.exe
[2010.09.06 22:15:26 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Gmer.zip
[2010.09.06 22:14:50 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\Load.exe
[2010.09.06 22:13:26 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2010.09.06 22:13:26 | 000,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2010.09.06 21:46:25 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2010.09.06 21:46:25 | 000,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2010.09.06 21:33:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2010.09.06 21:33:02 | 000,000,232 | -H-- | C] () -- C:\sqmdata11.sqm
[2010.09.06 21:19:43 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2010.09.06 21:19:43 | 000,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2010.09.06 21:06:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2010.09.06 21:06:24 | 000,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2010.09.06 20:53:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2010.09.06 20:53:01 | 000,000,232 | -H-- | C] () -- C:\sqmdata08.sqm
[2010.09.06 20:41:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2010.09.06 20:41:28 | 000,000,232 | -H-- | C] () -- C:\sqmdata07.sqm
[2010.09.06 20:26:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2010.09.06 20:26:22 | 000,000,232 | -H-- | C] () -- C:\sqmdata06.sqm
[2010.09.06 20:13:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2010.09.06 20:13:15 | 000,000,232 | -H-- | C] () -- C:\sqmdata05.sqm
[2010.09.06 19:59:50 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2010.09.06 19:59:50 | 000,000,232 | -H-- | C] () -- C:\sqmdata04.sqm
[2010.09.06 19:48:39 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2010.09.06 19:48:39 | 000,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2010.09.06 16:34:57 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mp3tag.lnk
[2010.09.02 20:30:40 | 000,159,072 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.01 04:13:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.01 04:12:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.09.01 04:07:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.09.01 04:07:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.01 03:50:40 | 000,001,880 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Player.lnk
[2010.09.01 03:49:08 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nokia Ovi Suite.lnk
[2010.08.22 16:34:49 | 000,031,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Desktop\JAck the Ripper.odt
[2009.12.30 14:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.12.30 14:27:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009.11.05 21:09:57 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb
[2009.06.15 11:30:37 | 000,002,876 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2008.12.26 21:27:55 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.06.30 19:50:08 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008.01.13 16:48:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007.12.24 17:27:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2007.12.24 17:27:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007.08.01 17:29:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.05.31 19:43:44 | 000,703,258 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2007.05.31 19:43:42 | 001,611,772 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2007.05.31 19:43:42 | 000,701,218 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2007.05.31 19:43:40 | 001,610,203 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2007.05.31 19:43:40 | 000,200,646 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2007.05.31 19:43:40 | 000,155,892 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2007.05.31 19:43:38 | 000,044,687 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2007.05.31 19:23:58 | 000,086,401 | ---- | C] () -- C:\Programme\dxupdate.cab
[2007.05.31 19:23:56 | 001,413,862 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2007.05.31 19:23:56 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2007.05.31 19:23:56 | 001,128,177 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2007.05.31 19:23:56 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2007.05.31 19:23:56 | 000,183,321 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,181,745 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2007.05.31 19:23:56 | 000,138,977 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,134,631 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2007.05.31 19:23:56 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2007.05.31 19:23:56 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2007.05.31 19:23:54 | 001,610,958 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2007.05.31 19:23:54 | 001,609,639 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2007.05.31 19:23:54 | 001,575,336 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2007.05.31 19:23:54 | 001,572,114 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2007.05.31 19:23:54 | 001,363,684 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2007.05.31 19:23:54 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2007.05.31 19:23:54 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2007.05.31 19:23:54 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2007.05.31 19:23:54 | 001,085,608 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2007.05.31 19:23:54 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2007.05.31 19:23:54 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2007.05.31 19:23:54 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2007.05.31 19:23:54 | 000,699,465 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2007.05.31 19:23:54 | 000,213,767 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2007.05.31 19:23:54 | 000,199,366 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,198,275 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2007.05.31 19:23:54 | 000,193,435 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,192,680 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2007.05.31 19:23:54 | 000,183,863 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,179,247 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2007.05.31 19:23:54 | 000,154,825 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,151,583 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2007.05.31 19:23:54 | 000,146,559 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,138,195 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,133,297 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2007.05.31 19:23:54 | 000,100,417 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2007.05.31 19:23:54 | 000,088,102 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2007.05.31 19:23:54 | 000,056,902 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2007.05.31 19:23:54 | 000,047,018 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2007.05.31 19:23:52 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2007.05.31 19:23:52 | 004,163,518 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2007.05.31 19:23:52 | 001,398,718 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2007.05.31 19:23:52 | 001,348,242 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2007.05.31 19:23:52 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2007.05.31 19:23:52 | 001,116,109 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2007.05.31 19:23:52 | 001,079,850 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2007.05.31 19:23:52 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2007.05.31 19:23:52 | 000,917,318 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2007.05.31 19:23:52 | 000,702,212 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2007.05.31 19:23:52 | 000,180,021 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2007.05.31 19:23:52 | 000,133,991 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2007.05.31 19:23:52 | 000,087,989 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2007.05.31 19:23:52 | 000,046,898 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2007.03.04 21:35:48 | 000,000,084 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2007.02.03 23:04:37 | 000,000,214 | -H-- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\xpy.ini
[2007.02.02 15:48:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.01.29 16:48:00 | 000,229,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.26 16:50:31 | 000,025,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\wklnhst.dat
[2007.01.26 16:46:15 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.12.24 18:19:50 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2006.12.24 18:18:44 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006.12.24 18:18:44 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006.12.24 18:18:44 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.12.24 18:18:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006.08.29 16:59:33 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006.08.29 16:59:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2006.08.29 16:59:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006.08.29 16:59:06 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.08.24 15:50:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006.08.24 15:50:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006.08.19 12:45:25 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.15 21:24:23 | 000,002,927 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.11 19:57:47 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006.08.08 18:34:56 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2006.08.04 23:58:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.07.29 16:52:06 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SecurityandPrivacy2.ini
[2006.07.26 16:39:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006.05.17 21:31:20 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2006.04.13 14:38:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll
[2006.02.14 17:03:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.02.12 14:27:40 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Fahrenheit_Screen.ini
[2005.12.27 10:10:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.27 08:05:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2005.10.28 19:32:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.22 07:38:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.10.22 07:38:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.10.22 07:34:05 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.10.22 07:34:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.10.22 07:29:22 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.22 07:23:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.10.22 07:13:21 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2005.04.28 05:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.04.28 05:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
 
========== LOP Check ==========
 
[2006.02.14 17:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eConsole
[2006.06.15 18:10:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2006.07.31 14:33:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2006.07.31 14:36:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online DSL-Manager
[2008.04.17 14:58:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Software4u
[2008.08.12 13:45:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2008.08.12 13:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.01.11 02:56:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2009.07.28 15:06:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2009.12.24 19:54:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010.02.22 21:03:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.03.17 00:58:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VirtualizedApplications
[2010.05.25 21:05:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2010.09.01 03:40:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.09.01 03:50:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2007.01.26 16:46:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQLite
[2007.01.26 16:50:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Template
[2007.01.26 16:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\MSNInstaller
[2007.02.02 16:02:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ Toolbar
[2007.02.06 21:38:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\T-Online
[2007.02.13 15:41:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Petroglyph
[2007.05.01 16:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Thunderbird
[2007.10.03 20:10:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\LimeWire
[2008.03.20 20:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\FileZilla
[2008.04.17 14:58:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Software4u
[2008.08.12 13:48:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\PC Suite
[2008.08.12 13:48:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia
[2008.11.18 16:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\SendSpace Wizard
[2009.03.25 14:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TeamViewer
[2009.06.15 22:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DAEMON Tools
[2009.06.17 20:29:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\NewsLeecher
[2009.07.28 14:59:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Azureus
[2009.09.27 14:50:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Radmin
[2009.10.14 20:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TweakNow RegCleaner
[2009.10.14 20:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ(2)
[2009.10.17 21:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ(3)
[2009.10.17 23:01:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\ICQ
[2010.03.16 22:44:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\TP
[2010.03.16 22:47:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\SoftGrid Client
[2010.03.16 22:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\NVD
[2010.05.25 15:25:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\LolClient
[2010.09.01 21:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
[2010.09.06 16:07:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.06 16:35:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---


OTL Logfile:
Code:
OTL Extras logfile created on: 09.09.2010 21:06:46 - Run 4
OTL by OldTimer - Version 3.2.11.0    Folder = C:\Dokumente und Einstellungen\Ich\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,65 Gb Total Space | 19,05 Gb Free Space | 26,22% Space Free | Partition Type: FAT32
Drive D: | 73,45 Gb Total Space | 50,81 Gb Free Space | 69,17% Space Free | Partition Type: NTFS
Drive E: | 455,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: FINN
Current User Name: Ich
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"58096:TCP" = 58096:TCP:*:Enabled:Pando Media Booster
"58096:UDP" = 58096:UDP:*:Enabled:Pando Media Booster
"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher
"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII -- ()
"C:\WINDOWS\System32\dplaysvr.exe" = C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe" = D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0 -- (T-Online International AG)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programme\Counter-Strike 1.6\hl.exe" = D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"D:\Programme\Azureus\Azureus.exe" = D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe" = C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends -- (Big Huge Games, Inc.)
"D:\Programme\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- File not found
"C:\Programme\TMbot\TM.EXE" = C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot -- File not found
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- File not found
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"D:\Programme\League of Legends\Air\LolClient.exe" = D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- File not found
"D:\Programme\League of Legends\Game\League of Legends.exe" = D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe" = D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe" = C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Dokumente und Einstellungen\Ich\Desktop\Warcraft3\Warcraft III.exe" = C:\Dokumente und Einstellungen\Ich\Desktop\Warcraft3\Warcraft III.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}" = SST Programming Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0863885D-E64B-9E5A-9747-03321A2D2A49}" = CCC Help Korean
"{0C40E716-2558-01E2-4797-484E4CCB2500}" = Catalyst Control Center Localization All
"{10FDD69C-2428-0FFB-12A2-2A6907D6282F}" = CCC Help Japanese
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{139DEC1F-D380-EB76-B0DF-88BC99B3B7BB}" = Catalyst Control Center Graphics Light
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{20140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - Deutsch
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2347E903-6299-A99F-C46C-05EB55912539}" = CCC Help Chinese Traditional
"{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}" = T-Online Router Web-IF Management
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2B3A996D-CCBF-3D62-B0AD-EA05553D3CEE}" = CCC Help Chinese Standard
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{300D2ECE-DA75-1623-871F-935A205FC450}" = CCC Help German
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{33D7EA48-0E99-4C45-A4D2-27D5DB9AF50F}" = Pacz
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF8A8A5-B3EA-6073-0457-669CC1E929C8}" = CCC Help Hungarian
"{501C0FDB-DCA5-E211-956C-26ADC4C54B66}" = Catalyst Control Center Core Implementation
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{57F85CF9-B9EF-6C77-8095-A2CF95738099}" = CCC Help Danish
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63A17691-ABC0-E86F-5D7A-A2F7EE36145E}" = CCC Help Dutch
"{6501E9B8-77C7-7D81-7F1A-4C2D7E36B403}" = CCC Help Italian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE7F94E-7AF8-421F-9A19-04681A099AE3}" = TuneUp WinStyler
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A5824D-08E9-9A96-2104-19E4FE86E5FA}" = CCC Help Spanish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7907CAB0-6C4F-C554-34EA-93EAC98B42F9}" = CCC Help Turkish
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{82982D26-D60E-27D8-361F-F14A8F6440E7}" = Catalyst Control Center HydraVision Full
"{87934EAD-CE6F-16C6-6004-73E092AA15A6}" = Catalyst Control Center Graphics Previews Common
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89B80F72-CCD0-95C3-21CB-89BA03D98155}" = CCC Help Finnish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{90120407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{906D95BA-4515-59A5-F2E4-072B1E73BB75}" = CCC Help English
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8BE52A-2C9A-91F2-310E-560CCE4FD247}" = CCC Help Russian
"{A0D62771-4353-8D52-44B8-0FCFF07D5FF1}" = ccc-core-preinstall
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE78AD-093F-57F1-280D-A31B0C1C1425}" = CCC Help Greek
"{A41A9C99-0029-783E-40C3-3AA0D1A6535D}" = CCC Help Polish
"{A680CE58-7B2C-9A45-D05F-5AC22DFA2F76}" = CCC Help Portuguese
"{A97B911E-8B1F-3B0F-F3D1-63B04084CC0F}" = Skins
"{AD3AE2EE-E0DB-7818-3F05-7E8B2FB22C49}" = CCC Help Norwegian
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B414174C-97E4-9E8B-018E-AC77055D0107}" = CCC Help Thai
"{B6D0AACC-1F01-A901-5348-FF3599EFE70D}" = CCC Help French
"{B98604A2-5229-CBE6-98A4-A6D7C63B7458}" = ccc-utility
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBD1A47D-691E-56C2-AC6A-1B3F80E3EC14}" = CCC Help Swedish
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D34313F7-B5E2-D3AF-FBB1-EF3ED1DEF5AB}" = CCC Help Czech
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{E3A6437F-DE5B-6F3E-7BB3-39185D0BBDCE}" = ccc-core-static
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB1446FB-A3EF-D04D-C224-EEC74F11805F}" = Catalyst Control Center Graphics Full New
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F27483DD-A574-441E-AC55-69625B58D562}" = Brother HL-2035
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FE931AAE-B6D9-8A02-60C7-EF4862306F58}" = Catalyst Control Center Graphics Full Existing
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-Treiberpaket - Nokia Modem  (05/24/2007 6.84.0.1)
"Cossacks : Back To War" = Cossacks - Back To War
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.12)" = Mozilla Firefox (3.5.12)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 4" = TeamViewer 4
"Uninstall_is1" = Uninstall 1.0.0.1
"VP3 Codec Version 3.2.6.1" = VP3 Codec Version 3.2.6.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.09.2010 14:28:39 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:01 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 06.09.2010 14:45:03 | Computer Name = FINN | Source = OviSuite | ID = 1
Description =
 
Error - 07.09.2010 14:41:07 | Computer Name = FINN | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 07.09.2010 14:41:07 | Computer Name = FINN | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 07.09.2010 17:31:29 | Computer Name = FINN | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {20140062-0062-0407-0000-0000000FF1CE}):
 DownloadLatest Failed:
 
Error - 07.09.2010 18:50:42 | Computer Name = FINN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung javara.exe, Version 1.16.1.1763, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
 
Error - 08.09.2010 10:48:11 | Computer Name = FINN | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Standard -- Fehler 1706. Setup kann die
 benötigten Dateien nicht finden. Überprüfen Sie Ihre Verbindung mit dem Netzwerk
 oder dem CD-ROM-Laufwerk. Um mehr über mögliche Lösungen für dieses Problem zu
erfahren, sehen sie bitte nach in C:\Programme\Microsoft Office\Office10\1031\SETUP.HLP.
 
Error - 08.09.2010 10:48:12 | Computer Name = FINN | Source = MsiInstaller | ID = 1024
Description = Produkt: Microsoft Office XP Standard - Update "{4757E865-0292-4E04-940D-9C51052A5DD6}"
 konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle
 erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen
 behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung
 der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
 
[ System Events ]
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:10 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:25:11 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:49:02 | Computer Name = FINN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "int15.sys" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%3
 
Error - 08.09.2010 12:49:02 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 08.09.2010 12:49:24 | Computer Name = FINN | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp WinStyler Theme Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
 
Error - 09.09.2010 14:51:12 | Computer Name = FINN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "int15.sys" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%3
 
Error - 09.09.2010 14:51:12 | Computer Name = FINN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
  %%126
 
 
< End of report >
--- --- ---



PS: Firefox ist immernoch drauf, weil ich keinen Internetexplorer installiert habe. Soll ich mir den draufladen oder lieber das Setup von Firefox? Denn ohne Browser wäre ja iwie blöd...

john.doe 09.09.2010 21:52
Zitat:
Firefox ist immernoch drauf, weil ich keinen Internetexplorer installiert habe. Soll ich mir den draufladen oder lieber das Setup von Firefox? Denn ohne Browser wäre ja iwie blöd...
Ja. Ich weiß. Dilemma. Solange noch Schädlinge auf deinem Rechner sind, bleibt keine andere Möglichkeit als
=> Internet Explorer 8 Windows 7 Security Features Malware Privacy

Sei sicher, ich liefere dir nur Links, die selbst mit dem MSIE (würg) sicher sind.

ciao, andreas

.Anti. 09.09.2010 21:56
Ok dann verabschiede ich mich mal von Firefox ;(

Kann ich Bookmarks, etc extern speichern oder soll alles weg?


Und brauchst du noch neue Scans?

LG Finn

john.doe 09.09.2010 22:59
Zitat:
Ok dann verabschiede ich mich mal von Firefox ;(
Das ist kein Abschied für immer, auch wenn ich mittlerweile Bauchschmerzen bekomme, wenn ich Firefox lese. Es ist ein guter Browser (jeder Browser ist besser als MSIE), aber er gerät immer mehr ins Blickfeld der Internetkriminellen und deshalb tue ich mich immer schwerer, den zu empfehlen. Meine persönliche Empfehlung geht zu Opera (nutze ich selbst) oder Iron (ist Chrome ohne Nachhausetelefonieren). Du kannst nach Bereinigung trotzdem wieder FireFox installieren und benutzen.
Zitat:
Kann ich Bookmarks, etc extern speichern oder soll alles weg?
Du kannst entweder ein Programm wie MozBackup - Backup-Tool für Firefox und Thunderbird benutzen oder deine Einstellungen exportieren.
Zitat:
Und brauchst du noch neue Scans?
Um sicher zu gehen (du bist definitiv befallen, deshalb notwendig):
Für die Skripte brauche ich einige Zeit, du kannst weitermachen mit:

1.) Mit Online-Scans kann man den kompletten Rechner auf Schädlinge prüfen lassen. Nimm am besten gleich den Internet Explorer.

Vorbereitung
  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während der Online-Scans deaktivieren:
    Anti-Virus-Programm und Firewall.
  • Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
  • unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
    Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
  • Während der Online-Scans auf andere Online-Aktivitäten verzichten.
  • Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.

  • http://image.hijackthis.eu/upload/activex1.jpg
    .

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
  • Dein Anti-Virus-Programm während des Scans deaktivieren.
  • Button http://img695.imageshack.us/img695/1599/eset1l.jpg drücken.
    • Firefox-User: Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User: müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Hacken bei Yes, i accept the Terms of Use.
  • Drücke den http://img707.imageshack.us/img707/687/starteg.jpg Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Remove found threads" und "Scan archives".
  • http://img707.imageshack.us/img707/687/starteg.jpg drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.

2.) Kaspersky - Onlinescanner

Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick über die vorhandene Malware.

---> hier herunterladen => Kaspersky Online Scanner
=> Hinweise zu älteren Versionen beachten!
=> Voraussetzung: Internet Explorer 6.0 oder höher
=> die nötigen ActiveX-Steuerelemente installieren => Update der Signaturen => Weiter
=> Scan-Einstellungen => Standard wählen => OK => Link "Arbeitsplatz" anklicken
=> Scan beginnt automatisch => Untersuchung wurde abgeschlossen => Protokoll speichern als
=> Dateityp auf .txt umstellen => auf dem Desktop als Kaspersky.txt speichern => Log hier posten
=> Deinstallation => Systemsteuerung => Software => Kaspersky Online Scanner entfernen

3.) Überprüfe den Rechner mit PrevXCSI. Poste ein Screenshot falls etwas gefunden werden sollte oder poste Namen und Pfade.

ciao, andreas

.Anti. 10.09.2010 00:00
Zitat:
Kaspersky
Online Scanner
Tut uns leid! Der Kaspersky Online Scanner wird gerade überarbeitet und ist deshalb nicht verfügbar. In Kürze wird er mit vielen Detail-Verbesserungen wieder online gehen.

Um Ihren PC zuverlässig auf Viren und andere Malware zu überprüfen, können Sie sich in der Zwischenzeit eine kostenlose Testversion von Kaspersky Internet Security 2011 oder Kaspersky Anti-Virus 2011 herunterladen.
Die anderen Scans werde ich morgen früh (wenn möglich) hier reinposten.

IE suckt :D

.Anti. 10.09.2010 06:00
ESET hat nichts gefunden
Zitat:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=c0c36e7d55379540ad5db39f569e75fb
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-10 12:41:14
# local_time=2010-09-10 02:41:14 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 186274 186274 0 0
# compatibility_mode=8192 67108863 100 0 72 72 0 0
# scanned=172187
# found=0
# cleaned=0
# scan_time=6265

.Anti. 10.09.2010 06:08
Prevx:

Anzahl der Prüfungen: 2
Gesamtanzahl bereinigte Bedrohungen: 0
Aktive Bedrohungen: 0

john.doe 10.09.2010 22:54
Zitat:
IE suckt
Musst du mir nicht sagen, ich weiß das. :)

Eset und Prevx wieder deinstallieren.

Zwischenfrage: Wie geht es dem Rechner?

ciao, andreas

.Anti. 11.09.2010 11:58
ESET und Prevx sind wieder runter.

Rechner läuft immernoch und abgesehen von der Tastatur läuft auch noch alles einwandfrei, zumindest ist mir sonst noch nichts aufgefallen.

Ich werd's dir aber hier reinschreiben, falls ich noch etwas bemerken sollte :blabla:

LG Finn

/edit: Vllt ist das Scrollen der Maus ein bisschen sensitiver geworden... aber das kann man ja iwo auch noch wieder einstellen.

john.doe 11.09.2010 13:51
Es finden sich zu viele Einträge, dir mir schädlich erscheinen, wie z.B.
Zitat:
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
Was ist das? Brauchst du das wirklich? Scheint mir einer der völlig unnützen Desktopveränderer zu sein, die nur unnütz Ressourcen verbrauchen.
Zitat:
und abgesehen von der Tastatur läuft auch noch alles einwandfrei
Da wir mittlerweile weitergekommen sind (Schädlinge sehe ich nicht mehr, nur haufenweise sinnlose Software), gehen wir das als nächstes an.

1.) Wie ist die genaue Bezeichnung deines Rechners und deines Keyboards?

2.) Installiere (Toolbars immer abwählen, Haken weg):3.) Sobald die Meldung von ComboFix kommt, dass der 10. Schritt erreicht ist, bitte die Verbindung zum Internet kappen. Ansonsten bekommt sUBs alle Dateien und der wird sich bedanken. :)

Scripten mit Combofix
  • Öffne den Editor (Start => Zubehör => Editor ) kopiere nun folgenden Text in das weiße Feld:
Code:
KILLALL::

Driver::
DMSKSSRh
N360
EraserUtilRebootDrv
IDSxpx86
mchInjDrv
JavaQuickStarterService
gusvc
catchme

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"Google Update"=-
"Steam"=-
"ICQ"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=-
"IMJPMIG8.1"=-
"PHIME2002ASync"=-
"PHIME2002A"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware  (reboot)]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]

Folder::
C:\rsit
c:\programme\Symantec
c:\programme\Gemeinsame Dateien\Symantec Shared
c:\windows\system32\drivers\N360
c:\programme\Norton 360
c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton
c:\programme\NortonInstaller
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller
C:\FOUND.069

File::
c:\windows\system32\drivers\SYMEVENT.SYS
c:\windows\system32\drivers\SYMEVENT.INF
c:\windows\system32\drivers\SYMEVENT.CAT
c:\windows\system32\perfh007.dat
c:\windows\system32\perfc007.dat
c:\dokumente und einstellungen\Ich\Startmen�\Programme\Zubeh”r\Autostart\WKCALREM.LNK
c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\Microsoft Office.lnk
c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\Adobe Reader Speed Launch.lnk
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
Speichere diese Datei nun auf dem Desktop unter -> cfscript.txt
  • Nun die Datei cfscript.txt auf das Symbol von Combofix ziehen!
http://users.pandora.be/bluepatchy/m...s/CFScript.gif
  • Danach das Log von Combofix posten.


Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann.

ciao, andreas

.Anti. 11.09.2010 16:58
1.)
Genaue Bezeichnung meines Rechners: Habe ich selbst zusammengebaut (Brauchst du die Systemkonfiguration?)
Genaue Bezeichnung meiner Tastatur: "Microsoft Keyboard Elite for Bluetooth"

2.)
Erledigt. Kann der Internetexplorer wieder runter?

3.)
Zitat:
c:\dokumente und einstellungen\Ich\Startmen�\Programme\Zubeh”r\Autostart\WKCALREM.LNK
c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\Microsoft Office.lnk
c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\Adobe Reader Speed Launch.lnk
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
Das "ü" bei "Startmenü" wurde durch ein Fragezeichen ersetzt.

Ich werde es beim CF Fix wieder in ein "ü" ändern, macht ja anders keinen Sinn, da dadurch ja die Pfade verfälscht werden.


Die "ü"s kommen dann ebenfalls auf die Liste der Dinge, die wir hinterher wieder reparieren müssen :wtf:

LG Finn

PS: Log kommt auch gleich.

.Anti. 11.09.2010 17:23
So, Combofix Log:

Combofix Logfile:
Code:
ComboFix 10-09-09.04 - Ich 11.09.2010  18:06:46.2.2 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1534.715 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Ich\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Ich\Desktop\cfscript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C58DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C9D65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CB2DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CCC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FF792804-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FFBC2BDC-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {7C920732-0013-0000-180A-960000009600}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BA13DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAE65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB1BC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BFF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C10984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1752C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1E5DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1FA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C20C0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C35DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C37A44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4A83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4D684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C52054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C57554-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C579AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C5D984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C67BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6E70C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C7147C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C728BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C75AC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C83A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C89BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8CBD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DB5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C91A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C92A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9347C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C95A2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C974C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9BA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C27C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C394-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9D7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E324-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E34C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9F83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA0A94-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA1054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA13F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA15DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA229C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA265C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA33F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA3BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA4054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA668C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA72EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA76FC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7754-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7D0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA8544-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA9894-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA48C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA4CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAAC2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CABDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACA3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACDAC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAD79C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CADC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE3B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE92C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAEBF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF9A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAFD44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB0ABC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB157C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2254-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB27CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2AE4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2C14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2CA4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BEC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4C24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB580C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB72F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB774C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7BF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB848C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB8D8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA2AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA72C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD564-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD874-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDC74-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBEB54-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC08E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0B14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1854-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC365C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC3C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC45C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC483C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC485C-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC64CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC66EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC747C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC884C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA7D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA84C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC85C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCD484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE7CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCEA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0574-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD05AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD240C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD266C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD43E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD447C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4AF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD55D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD58D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7534-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD75E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD883C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9944-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9A8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA49C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDABFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDAC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB99C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC87C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC97C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBBC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD7A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEA24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF404-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF7AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1784-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1C34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2344-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2A3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE3A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE4C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEA86C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CECAD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFB7B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFBD1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFC054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0165C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D017BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D047A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D06844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0C484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0D054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0DBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0E67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D11DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D12A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D14DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D17DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1C7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1FDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D20A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D236EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D26844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2A694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2DB04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2EB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D37A9C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D3BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D47DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4BC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D545AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D619BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D79A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D8ADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D9570C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DB96DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DCFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823A3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C63E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C7AB4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C85CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823D1B5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {82622694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8285C43C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8286643C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FDC609D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF59096C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF68F054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFBC3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-0105-0D24-347CA8A3377C}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FILE ::
"c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk"
"c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk"
"c:\dokumente und einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\WKCALREM.LNK"
"c:\windows\system32\drivers\SYMEVENT.CAT"
"c:\windows\system32\drivers\SYMEVENT.INF"
"c:\windows\system32\drivers\SYMEVENT.SYS"
"c:\windows\system32\perfc007.dat"
"c:\windows\system32\perfh007.dat"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job"
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton
c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\00000082\0000010f\000004b6\cltLMS1.dat
c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\00000082\0000010f\000004b6\cltLMS2.dat
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-16h56m10s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-16h56m26s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-16h59m09s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-16h59m12s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-16h59m18s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m09s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m14s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m16s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m18s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m21s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m23s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m26s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m28s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m30s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m34s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m38s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m46s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m48s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m50s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m53s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m55s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h09m57s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h10m00s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h10m02s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h10m04s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h10m07s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-17h10m09s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-18h23m35s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-07-23h20m53s.7z
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-08-18h43m09s\BHCA-0x12E8.log
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-08-18h43m09s\Install.1.mft
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-08-18h43m09s\NortonInstall-2010-09-08-18h43m09s.log
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\2010-09-08-18h43m09s\SymIMexe-0x14EC.log
c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller\Logs\Url.txt
C:\FOUND.069
c:\found.069\FILE0000.CHK
C:\rsit
c:\rsit\info.txt
c:\rsit\log.txt
c:\windows\system32\perfc007.dat
c:\windows\system32\perfh007.dat
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job

.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CATCHME
-------\Legacy_DMSKSSRH
-------\Legacy_ERASERUTILREBOOTDRV
-------\Legacy_GUSVC
-------\Legacy_IDSXPX86
-------\Legacy_JAVAQUICKSTARTERSERVICE
-------\Legacy_MCHINJDRV
-------\Service_catchme
-------\Service_DMSKSSRh
-------\Service_gusvc
-------\Service_JavaQuickStarterService


(((((((((((((((((((((((  Dateien erstellt von 2010-08-11 bis 2010-09-11  ))))))))))))))))))))))))))))))
.

2010-09-11 15:35 . 2010-09-11 15:35    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Avira
2010-09-11 15:30 . 2010-09-11 15:30    --------    d-----w-    c:\programme\Avira
2010-09-11 15:30 . 2010-09-11 15:30    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira
2010-09-11 15:30 . 2010-03-01 08:05    124784    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2010-09-11 15:30 . 2009-05-11 10:49    45416    ----a-w-    c:\windows\system32\drivers\avgntdd.sys
2010-09-11 15:30 . 2009-05-11 10:49    22360    ----a-w-    c:\windows\system32\drivers\avgntmgr.sys
2010-09-11 15:19 . 2010-09-11 15:19    --------    d-----w-    c:\programme\Gemeinsame Dateien\Adobe
2010-09-11 10:55 . 2010-09-11 10:55    --------    d-sh--w-    c:\dokumente und einstellungen\LocalService\IETldCache
2010-09-11 10:38 . 2010-09-11 10:38    --------    d-----w-    c:\windows\LastGood.Tmp
2010-09-10 19:16 . 2008-10-22 22:00    111928    ------w-    c:\windows\system32\BRRBTOOL.EXE
2010-09-10 19:16 . 2006-12-21 09:23    176128    ------w-    c:\windows\system32\BROSNMP.DLL
2010-09-10 19:15 . 2010-09-10 19:19    54    ----a-w-    c:\windows\system32\bd2030.dat
2010-09-09 22:51 . 2010-09-09 22:51    --------    d-sh--w-    c:\dokumente und einstellungen\Ich\PrivacIE
2010-09-09 22:38 . 2010-09-09 22:38    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\IsolatedStorage
2010-09-09 21:12 . 2010-09-09 21:12    --------    d-sh--w-    c:\dokumente und einstellungen\Ich\IETldCache
2010-09-09 21:03 . 2010-09-09 21:03    --------    d-----w-    c:\windows\ie8updates
2010-09-09 21:01 . 2010-09-09 21:01    --------    d--h--w-    c:\windows\ie8
2010-09-09 20:55 . 2010-06-18 11:39    16896    ------w-    c:\windows\system32\dllcache\iecompat.dll
2010-09-09 20:55 . 2010-06-24 12:22    12800    ------w-    c:\windows\system32\dllcache\xpshims.dll
2010-09-09 20:55 . 2010-06-24 12:21    247808    ------w-    c:\windows\system32\dllcache\ieproxy.dll
2010-09-09 20:55 . 2010-06-24 12:21    743424    ------w-    c:\windows\system32\dllcache\iedvtool.dll
2010-09-08 14:32 . 2010-09-08 14:32    --------    d-----w-    c:\programme\Microsoft IntelliType Pro
2010-09-08 04:46 . 2010-09-08 04:46    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Skype
2010-09-08 04:46 . 2010-09-08 04:46    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype
2010-09-07 23:05 . 2010-09-07 23:05    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\InstallShield
2010-09-07 19:12 . 2010-09-07 19:12    --------    d-----w-    c:\programme\trend micro
2010-09-07 16:28 . 2010-06-14 14:31    744448    ------w-    c:\windows\system32\dllcache\helpsvc.exe
2010-09-07 15:06 . 2010-09-07 15:06    --------    d-----w-    c:\windows\system32\Adobe
2010-09-07 14:59 . 2010-09-07 14:59    --------    d-----w-    c:\programme\Windows Sidebar
2010-09-06 21:29 . 2010-09-06 21:29    --------    d-----w-    C:\_OTL
2010-09-06 20:16 . 2010-09-06 20:16    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-06 20:16 . 2010-09-06 20:16    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-09-06 14:35 . 2010-09-06 14:35    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 14:07 . 2010-09-06 14:07    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 18:30 . 2010-09-02 18:30    159072    ----a-w-    c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2010-09-01 19:27 . 2010-09-01 19:27    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 02:05 . 2010-09-01 02:05    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\windows\Globalization
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
2010-09-01 01:44 . 2008-08-26 08:26    18816    ----a-w-    c:\windows\system32\drivers\pccsmcfd.sys
2010-09-01 01:44 . 2010-09-01 01:44    --------    d-----w-    c:\programme\PC Connectivity Solution
2010-09-01 01:43 . 2010-07-21 15:07    1461992    ----a-w-    c:\windows\system32\wdfcoinstaller01009.dll
2010-09-01 01:43 . 2010-02-26 12:32    662016    ----a-w-    c:\windows\system32\nmwcdcocls.dll
2010-09-01 01:43 . 2010-02-26 12:32    18176    ----a-w-    c:\windows\system32\drivers\ccdcmb.sys
2010-09-01 01:41 . 2010-09-01 01:41    12212040    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-01 01:41 . 2010-09-01 01:41    13930312    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-01 01:41 . 2010-09-01 01:41    77824    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-01 01:41 . 2010-09-01 01:41    50000    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-09-01 01:41 . 2010-09-01 01:41    38912    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-09-01 01:41 . 2010-09-01 01:41    38912    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-09-01 01:40 . 2010-09-01 01:40    103412296    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-09-01 01:40 . 2010-09-01 01:40    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-11 16:12 . 2006-01-09 17:41    4661    ----a-w-    c:\windows\bthservsdp.dat
2010-09-08 16:22 . 2007-01-26 14:46    71688    ----a-w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-09-08 14:32 . 2010-09-08 14:32    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
2010-09-01 02:13 . 2010-09-01 02:13    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-01 02:12 . 2010-09-01 02:12    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-01 02:07 . 2010-09-01 02:07    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-09-01 02:07 . 2010-09-01 02:07    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-08-11 02:42 . 2010-08-11 02:42    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:41 . 2010-08-11 02:41    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-09 15:06 . 2010-08-09 15:06    503808    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\msvcp71.dll
2010-08-09 15:06 . 2010-08-09 15:06    499712    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\jmc.dll
2010-08-09 15:06 . 2010-08-09 15:06    348160    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\msvcr71.dll
2010-08-09 15:06 . 2010-08-09 15:06    61440    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-25dee2c2-n\decora-sse.dll
2010-08-09 15:06 . 2010-08-09 15:06    12800    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-25dee2c2-n\decora-d3d.dll
2010-07-31 17:49 . 2010-07-31 17:49    --------    d-----w-    c:\programme\Gemeinsame Dateien\Skype
2010-07-21 15:07 . 2009-04-08 14:54    21520    ----a-w-    c:\windows\system32\drivers\nuidfltr.sys
2010-07-17 03:00 . 2010-04-25 20:54    423656    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-02 17:53 . 2010-07-02 17:53    17    ----a-w-    c:\windows\system32\shortcut_ex.dat
2010-06-30 12:28 . 2005-10-22 05:13    149504    ----a-w-    c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2005-10-22 05:13    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2005-10-22 05:13    1852032    ----a-w-    c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2005-10-22 05:13    354304    ----a-w-    c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2005-10-22 05:13    80384    ----a-w-    c:\windows\system32\iccvid.dll
2010-06-14 15:06 . 2010-06-14 15:06    61440    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2a686978-n\decora-sse.dll
2010-06-14 15:06 . 2010-06-14 15:06    12800    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2a686978-n\decora-d3d.dll
2010-06-14 15:06 . 2010-06-14 15:06    503808    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\msvcp71.dll
2010-06-14 15:06 . 2010-06-14 15:06    499712    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\jmc.dll
2010-06-14 15:06 . 2010-06-14 15:06    348160    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\msvcr71.dll
2010-06-14 14:31 . 2005-10-22 05:24    744448    ----a-w-    c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2010-06-14 07:41 . 2005-10-22 05:13    1172480    ----a-w-    c:\windows\system32\msxml3.dll
2007-05-31 17:43 . 2007-05-31 17:43    703258    ----a-w-    c:\programme\JUN2007_d3dx10_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    701218    ----a-w-    c:\programme\JUN2007_d3dx10_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    1611772    ----a-w-    c:\programme\JUN2007_d3dx9_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    200646    ----a-w-    c:\programme\JUN2007_XACT_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    1610203    ----a-w-    c:\programme\JUN2007_d3dx9_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    155892    ----a-w-    c:\programme\JUN2007_XACT_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    44687    ----a-w-    c:\programme\dxdllreg_x86.cab
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ToADiMon.exe"="d:\programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe" [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-07-01 14477312]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"itype"="c:\programme\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"InfoCockpit"="d:\programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE" [2005-11-29 847872]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39    1090952    ----a-w-    d:\programme\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-03-04 13:10    2192672    ----a-w-    c:\programme\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15    45056    ----a-w-    c:\programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
2004-01-28 07:19    159744    ----a-w-    c:\programme\Saitek\Software\Profiler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
2004-01-28 07:19    98304    ----a-w-    c:\programme\Saitek\Software\SaiSmart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Programme\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"=
"c:\\WINDOWS\\System32\\LEXPPS.EXE"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"c:\\Programme\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"d:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programme\\ICQ7.0\\ICQ.exe"=
"d:\\Programme\\ICQ7.0\\aolload.exe"=
"d:\\Programme\\Steam\\Steam.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Counter-Strike Source\\hl2.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Programme\\Steam\\SteamApps\\weithoff007\\counter-strike source\\hl2.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Warcraft3\\Warcraft III.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"58096:TCP"= 58096:TCP:Pando Media Booster
"58096:UDP"= 58096:UDP:Pando Media Booster
"6965:TCP"= 6965:TCP:League of Legends Launcher
"6965:UDP"= 6965:UDP:League of Legends Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 SI3112r;ATI-437A Serial ATA Controller;c:\windows\system32\drivers\SI3112r.sys [18.10.2006 03:56 97920]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [11.09.2010 17:30 135336]
R2 cvhsvc;Client Virtualization Handler;c:\programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [26.09.2009 07:35 819600]
R2 sftlist;Application Virtualization Client;c:\programme\Microsoft Application Virtualization Client\sftlist.exe [23.09.2009 15:04 447832]
R3 sftfs;sftfs;c:\programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys [23.09.2009 15:04 543064]
R3 sftplay;sftplay;c:\programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys [23.09.2009 15:04 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [23.09.2009 15:05 21864]
R3 sftvol;sftvol;c:\programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys [23.09.2009 15:04 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\programme\Microsoft Application Virtualization Client\sftvsa.exe [23.09.2009 15:04 203608]
S3 AVerA700;A700 service;c:\windows\system32\drivers\AVerBDA3x.sys [24.12.2007 17:27 985472]
S3 MIINPazX;MIINPazX NDIS Protocol Driver;c:\progra~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [01.09.2006 17:49 17152]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;\??\d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS --> d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [?]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [26.09.2009 04:28 4639136]
S3 ovt530;TM507A USB Camera;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SaiH0464;SaiH0464;c:\windows\system32\drivers\SaiH0464.sys [15.01.2006 11:48 55808]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.06.2009 22:23 717296]

--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - MCHINJDRV
*Deregistered* - mchInjDrv
.
Inhalt des "geplante Tasks" Ordners

2010-09-08 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\programme\Microsoft IntelliType Pro\itype.exe [2010-07-21 15:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\qsoxuf7j.default\
FF - prefs.js: browser.startup.homepage - schueler.cc|travian.at|youtube.com
FF - plugin: c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-RemoteControl - c:\programme\CyberLink\PowerDVD\PDVDServ.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-11 18:14
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\SecuROM\License information*]
"datasecu"=hex:14,a9,b3,2e,57,83,53,50,3e,4d,f7,4d,65,e2,a6,0e,a0,97,26,59,86,
  b2,78,ae,34,bc,91,30,93,2b,a1,54,3d,20,76,99,d5,8b,cd,f3,d2,81,16,33,7a,61,\
"rkeysecu"=hex:38,0d,cf,b4,b4,16,7c,95,9c,04,ff,65,61,55,70,2b

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\Ü¥*º€Y]
"DisplayName"="??"
"DeviceDesc"="??"
"ProviderName"="?\11???\11\08"
"MFG"="?\08???"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=multi:"c:\\ati\\support\\5-7-igp_xp-2k_dd_cp_wdm_sb_gart_24085\\sbdrv\\smbus\\smbusati.inf\00"

[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,09,a0,6d,3a,b3,05,61,38,ea,47,b9,62,61,0b,7f,ab,c5,9e,c3,08,14,e7,
  1a,52,8e,51,0d,8b,d9,db,e6,8e,de,37,68,00,62,56,83,e0,a1,39,51,2b,08,58,6f,\
"??"=hex:64,25,87,22,fe,95,be,27,30,77,e7,7a,0a,b3,1c,5e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\Ati2evxx.dll
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll

- - - - - - - > 'lsass.exe'(860)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll

- - - - - - - > 'explorer.exe'(1124)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\TuneUp WinStyler\WinStylerThemeSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\wudfhost.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\UAService7.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programme\Microsoft IntelliType Pro\dpupdchk.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-09-11  18:17:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-09-11 16:17
ComboFix2.txt  2010-09-07 21:51

Vor Suchlauf: 90 Verzeichnis(se), 18.672.091.136 Bytes frei
Nach Suchlauf: 90 Verzeichnis(se), 18.866.208.768 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 486C0632C0648F8E6AC1E1D951C599E8
--- --- ---

john.doe 11.09.2010 20:03
Hast du den Regcleaner von Avira nicht laufen lassen?
Zitat:
Genaue Bezeichnung meiner Tastatur: "Microsoft Keyboard Elite for Bluetooth"
Finde ich nicht. :( Solltest du einen Treiber dafür greifbar haben, installiere den neu.
Zitat:
Kann der Internetexplorer wieder runter?
Theoretisch ja, praktisch nein. Nutze ihn nur für manuelle Windowsupdates und Onlinescanner.

Scripten mit Combofix
  • Öffne den Editor (Start => Zubehör => Editor ) kopiere nun folgenden Text in das weiße Feld:
Code:
KILLALL::

Driver::
mchInjDrv

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSPY2002"=-
"Adobe Reader Speed Launcher"=-
Speichere diese Datei nun auf dem Desktop unter -> cfscript.txt
  • Nun die Datei cfscript.txt auf das Symbol von Combofix ziehen!
http://users.pandora.be/bluepatchy/m...s/CFScript.gif
  • Danach das Log von Combofix posten.


Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann.

ciao, andreas

.Anti. 12.09.2010 14:11
Avira hatte ich deinstalliert, einschließlich Regcleaner durchlaufen lassen...
Ein Key blieb über, und zwar dieser:
Zitat:
HKEY_LOCAL_MACHINE\system\controlset002\services\ssmdrv
Hab's zweimal probiert (Neuinstallation - Deinstallation - Regcleaner), blieb jedoch bestehend...


Für die Tastatur habe ich "Intellitype Pro" schon von Microsoft neuinstalliert, Tasten funzen trotzdem noch nicht... Hardwareproblem?


Und jetzt kommt der CF-Fix, Log kommt gleich.

LG Finn

.Anti. 12.09.2010 14:30
Da sind immernoch so viele Avira-Einträge... muss ich bei dem Registery-Cleaner irgendwas zusätzlich einstellen?

Derzeit werden nur diese durchsucht:
Zitat:
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
Combofix Logfile:
Code:
ComboFix 10-09-11.03 - Ich 12.09.2010  15:18:25.3.2 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1534.1008 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Ich\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Ich\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C58DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C9D65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CB2DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CCC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FF792804-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FFBC2BDC-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {7C920732-0013-0000-180A-960000009600}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BA13DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAE65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB1BC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BFF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C10984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1752C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1E5DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1FA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C20C0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C35DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C37A44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4A83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4D684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C52054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C57554-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C579AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C5D984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C67BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6E70C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C7147C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C728BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C75AC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C83A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C89BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8CBD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DB5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C91A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C92A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9347C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C95A2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C974C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9BA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C27C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C394-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9D7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E324-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E34C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9F83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA0A94-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA1054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA13F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA15DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA229C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA265C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA33F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA3BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA4054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA668C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA72EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA76FC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7754-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7D0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA8544-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA9894-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA48C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA4CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAAC2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CABDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACA3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACDAC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAD79C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CADC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE3B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE92C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAEBF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF9A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAFD44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB0ABC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB157C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2254-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB27CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2AE4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2C14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2CA4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BEC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4C24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB580C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB72F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB774C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7BF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB848C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB8D8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA2AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA72C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD564-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD874-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDC74-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBEB54-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC08E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0B14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1854-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC365C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC3C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC45C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC483C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC485C-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC64CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC66EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC747C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC884C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA7D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA84C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC85C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCD484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE7CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCEA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0574-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD05AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD240C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD266C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD43E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD447C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4AF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD55D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD58D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7534-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD75E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD883C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9944-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9A8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA49C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDABFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDAC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB99C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC87C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC97C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBBC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD7A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEA24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF404-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF7AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1784-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1C34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2344-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2A3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE3A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE4C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEA86C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CECAD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFB7B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFBD1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFC054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0165C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D017BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D047A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D06844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0C484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0D054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0DBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0E67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D11DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D12A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D14DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D17DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1C7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1FDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D20A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D236EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D26844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2A694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2DB04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2EB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D37A9C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D3BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D47DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4BC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D545AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D619BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D79A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D8ADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D9570C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DB96DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DCFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823A3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C63E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C7AB4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C85CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823D1B5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {82622694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8285C43C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8286643C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FDC609D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF59096C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF68F054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFBC3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-0105-0D24-347CA8A3377C}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MCHINJDRV
-------\Service_mchInjDrv


(((((((((((((((((((((((  Dateien erstellt von 2010-08-12 bis 2010-09-12  ))))))))))))))))))))))))))))))
.

2010-09-11 15:19 . 2010-09-11 15:19    --------    d-----w-    c:\programme\Gemeinsame Dateien\Adobe
2010-09-11 10:55 . 2010-09-11 10:55    --------    d-sh--w-    c:\dokumente und einstellungen\LocalService\IETldCache
2010-09-10 19:16 . 2008-10-22 22:00    111928    ------w-    c:\windows\system32\BRRBTOOL.EXE
2010-09-10 19:16 . 2006-12-21 09:23    176128    ------w-    c:\windows\system32\BROSNMP.DLL
2010-09-10 19:15 . 2010-09-10 19:19    54    ----a-w-    c:\windows\system32\bd2030.dat
2010-09-09 22:51 . 2010-09-09 22:51    --------    d-sh--w-    c:\dokumente und einstellungen\Ich\PrivacIE
2010-09-09 22:38 . 2010-09-09 22:38    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\IsolatedStorage
2010-09-09 21:12 . 2010-09-09 21:12    --------    d-sh--w-    c:\dokumente und einstellungen\Ich\IETldCache
2010-09-09 21:03 . 2010-09-09 21:03    --------    d-----w-    c:\windows\ie8updates
2010-09-09 21:01 . 2010-09-09 21:01    --------    d--h--w-    c:\windows\ie8
2010-09-09 20:55 . 2010-06-18 11:39    16896    ------w-    c:\windows\system32\dllcache\iecompat.dll
2010-09-09 20:55 . 2010-06-24 12:22    12800    ------w-    c:\windows\system32\dllcache\xpshims.dll
2010-09-09 20:55 . 2010-06-24 12:21    247808    ------w-    c:\windows\system32\dllcache\ieproxy.dll
2010-09-09 20:55 . 2010-06-24 12:21    743424    ------w-    c:\windows\system32\dllcache\iedvtool.dll
2010-09-08 14:32 . 2010-09-08 14:32    --------    d-----w-    c:\programme\Microsoft IntelliType Pro
2010-09-08 04:46 . 2010-09-08 04:46    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Skype
2010-09-08 04:46 . 2010-09-08 04:46    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype
2010-09-07 23:05 . 2010-09-07 23:05    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\InstallShield
2010-09-07 19:12 . 2010-09-07 19:12    --------    d-----w-    c:\programme\trend micro
2010-09-07 16:28 . 2010-06-14 14:31    744448    ------w-    c:\windows\system32\dllcache\helpsvc.exe
2010-09-07 15:06 . 2010-09-07 15:06    --------    d-----w-    c:\windows\system32\Adobe
2010-09-07 14:59 . 2010-09-07 14:59    --------    d-----w-    c:\programme\Windows Sidebar
2010-09-06 21:29 . 2010-09-06 21:29    --------    d-----w-    C:\_OTL
2010-09-06 20:16 . 2010-09-06 20:16    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-06 20:16 . 2010-09-06 20:16    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-09-06 14:35 . 2010-09-06 14:35    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 14:07 . 2010-09-06 14:07    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 18:30 . 2010-09-02 18:30    159072    ----a-w-    c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2010-09-01 19:27 . 2010-09-01 19:27    --------    d-----w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 02:05 . 2010-09-01 02:05    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\windows\Globalization
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 01:50 . 2010-09-01 01:50    --------    d-----w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
2010-09-01 01:44 . 2008-08-26 08:26    18816    ----a-w-    c:\windows\system32\drivers\pccsmcfd.sys
2010-09-01 01:44 . 2010-09-01 01:44    --------    d-----w-    c:\programme\PC Connectivity Solution
2010-09-01 01:43 . 2010-07-21 15:07    1461992    ----a-w-    c:\windows\system32\wdfcoinstaller01009.dll
2010-09-01 01:43 . 2010-02-26 12:32    662016    ----a-w-    c:\windows\system32\nmwcdcocls.dll
2010-09-01 01:43 . 2010-02-26 12:32    18176    ----a-w-    c:\windows\system32\drivers\ccdcmb.sys
2010-09-01 01:41 . 2010-09-01 01:41    12212040    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-01 01:41 . 2010-09-01 01:41    13930312    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-01 01:41 . 2010-09-01 01:41    77824    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-01 01:41 . 2010-09-01 01:41    50000    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-09-01 01:41 . 2010-09-01 01:41    38912    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-09-01 01:41 . 2010-09-01 01:41    38912    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-09-01 01:40 . 2010-09-01 01:40    103412296    ----a-w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-09-01 01:40 . 2010-09-01 01:40    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-12 13:22 . 2006-01-09 17:41    4661    ----a-w-    c:\windows\bthservsdp.dat
2010-09-08 16:22 . 2007-01-26 14:46    71688    ----a-w-    c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-09-08 14:32 . 2010-09-08 14:32    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
2010-09-01 02:13 . 2010-09-01 02:13    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-01 02:12 . 2010-09-01 02:12    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-01 02:07 . 2010-09-01 02:07    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-09-01 02:07 . 2010-09-01 02:07    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-08-11 02:42 . 2010-08-11 02:42    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:41 . 2010-08-11 02:41    --------    d-----w-    c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-09 15:06 . 2010-08-09 15:06    503808    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\msvcp71.dll
2010-08-09 15:06 . 2010-08-09 15:06    499712    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\jmc.dll
2010-08-09 15:06 . 2010-08-09 15:06    348160    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3bdcbca5-n\msvcr71.dll
2010-08-09 15:06 . 2010-08-09 15:06    61440    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-25dee2c2-n\decora-sse.dll
2010-08-09 15:06 . 2010-08-09 15:06    12800    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-25dee2c2-n\decora-d3d.dll
2010-07-31 17:49 . 2010-07-31 17:49    --------    d-----w-    c:\programme\Gemeinsame Dateien\Skype
2010-07-21 15:07 . 2009-04-08 14:54    21520    ----a-w-    c:\windows\system32\drivers\nuidfltr.sys
2010-07-17 03:00 . 2010-04-25 20:54    423656    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-02 17:53 . 2010-07-02 17:53    17    ----a-w-    c:\windows\system32\shortcut_ex.dat
2010-06-30 12:28 . 2005-10-22 05:13    149504    ----a-w-    c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2005-10-22 05:13    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2005-10-22 05:13    1852032    ----a-w-    c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2005-10-22 05:13    354304    ----a-w-    c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2005-10-22 05:13    80384    ----a-w-    c:\windows\system32\iccvid.dll
2010-06-14 15:06 . 2010-06-14 15:06    61440    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2a686978-n\decora-sse.dll
2010-06-14 15:06 . 2010-06-14 15:06    12800    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2a686978-n\decora-d3d.dll
2010-06-14 15:06 . 2010-06-14 15:06    503808    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\msvcp71.dll
2010-06-14 15:06 . 2010-06-14 15:06    499712    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\jmc.dll
2010-06-14 15:06 . 2010-06-14 15:06    348160    ----a-w-    c:\dokumente und einstellungen\Ich\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c6f0084-n\msvcr71.dll
2010-06-14 14:31 . 2005-10-22 05:24    744448    ----a-w-    c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2007-05-31 17:43 . 2007-05-31 17:43    703258    ----a-w-    c:\programme\JUN2007_d3dx10_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    701218    ----a-w-    c:\programme\JUN2007_d3dx10_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    1611772    ----a-w-    c:\programme\JUN2007_d3dx9_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    200646    ----a-w-    c:\programme\JUN2007_XACT_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43    1610203    ----a-w-    c:\programme\JUN2007_d3dx9_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    155892    ----a-w-    c:\programme\JUN2007_XACT_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43    44687    ----a-w-    c:\programme\dxdllreg_x86.cab
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ToADiMon.exe"="d:\programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe" [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-07-01 14477312]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"itype"="c:\programme\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"InfoCockpit"="d:\programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE" [2005-11-29 847872]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39    1090952    ----a-w-    d:\programme\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-03-04 13:10    2192672    ----a-w-    c:\programme\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15    45056    ----a-w-    c:\programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
2004-01-28 07:19    159744    ----a-w-    c:\programme\Saitek\Software\Profiler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
2004-01-28 07:19    98304    ----a-w-    c:\programme\Saitek\Software\SaiSmart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Programme\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"=
"c:\\WINDOWS\\System32\\LEXPPS.EXE"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"c:\\Programme\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"d:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programme\\ICQ7.0\\ICQ.exe"=
"d:\\Programme\\ICQ7.0\\aolload.exe"=
"d:\\Programme\\Steam\\Steam.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Counter-Strike Source\\hl2.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Programme\\Steam\\SteamApps\\weithoff007\\counter-strike source\\hl2.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Warcraft3\\Warcraft III.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"58096:TCP"= 58096:TCP:Pando Media Booster
"58096:UDP"= 58096:UDP:Pando Media Booster
"6965:TCP"= 6965:TCP:League of Legends Launcher
"6965:UDP"= 6965:UDP:League of Legends Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 SI3112r;ATI-437A Serial ATA Controller;c:\windows\system32\drivers\SI3112r.sys [18.10.2006 03:56 97920]
R2 cvhsvc;Client Virtualization Handler;c:\programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [26.09.2009 07:35 819600]
R2 sftlist;Application Virtualization Client;c:\programme\Microsoft Application Virtualization Client\sftlist.exe [23.09.2009 15:04 447832]
R3 sftfs;sftfs;c:\programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys [23.09.2009 15:04 543064]
R3 sftplay;sftplay;c:\programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys [23.09.2009 15:04 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [23.09.2009 15:05 21864]
R3 sftvol;sftvol;c:\programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys [23.09.2009 15:04 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\programme\Microsoft Application Virtualization Client\sftvsa.exe [23.09.2009 15:04 203608]
S3 AVerA700;A700 service;c:\windows\system32\drivers\AVerBDA3x.sys [24.12.2007 17:27 985472]
S3 MIINPazX;MIINPazX NDIS Protocol Driver;c:\progra~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [01.09.2006 17:49 17152]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;\??\d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS --> d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [?]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [26.09.2009 04:28 4639136]
S3 ovt530;TM507A USB Camera;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SaiH0464;SaiH0464;c:\windows\system32\drivers\SaiH0464.sys [15.01.2006 11:48 55808]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.06.2009 22:23 717296]

--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - MCHINJDRV
*Deregistered* - mchInjDrv
.
Inhalt des "geplante Tasks" Ordners

2010-09-08 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\programme\Microsoft IntelliType Pro\itype.exe [2010-07-21 15:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\qsoxuf7j.default\
FF - prefs.js: browser.startup.homepage - schueler.cc|travian.at|youtube.com
FF - plugin: c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-12 15:24
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\SecuROM\License information*]
"datasecu"=hex:14,a9,b3,2e,57,83,53,50,3e,4d,f7,4d,65,e2,a6,0e,a0,97,26,59,86,
  b2,78,ae,34,bc,91,30,93,2b,a1,54,3d,20,76,99,d5,8b,cd,f3,d2,81,16,33,7a,61,\
"rkeysecu"=hex:38,0d,cf,b4,b4,16,7c,95,9c,04,ff,65,61,55,70,2b

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\Ü¥*º€Y]
"DisplayName"="??"
"DeviceDesc"="??"
"ProviderName"="?\11???\11\08"
"MFG"="?\08???"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=multi:"c:\\ati\\support\\5-7-igp_xp-2k_dd_cp_wdm_sb_gart_24085\\sbdrv\\smbus\\smbusati.inf\00"

[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,09,a0,6d,3a,b3,05,61,38,ea,47,b9,62,61,0b,7f,ab,c5,9e,c3,08,14,e7,
  1a,52,8e,51,0d,8b,d9,db,e6,8e,de,37,68,00,62,56,83,e0,a1,39,51,2b,08,58,6f,\
"??"=hex:64,25,87,22,fe,95,be,27,30,77,e7,7a,0a,b3,1c,5e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(804)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(860)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll

- - - - - - - > 'explorer.exe'(3720)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\TuneUp WinStyler\WinStylerThemeSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\UAService7.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programme\Microsoft IntelliType Pro\dpupdchk.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-09-12  15:26:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-09-12 13:26
ComboFix2.txt  2010-09-11 16:17
ComboFix3.txt  2010-09-07 21:51

Vor Suchlauf: 89 Verzeichnis(se), 18.905.300.992 Bytes frei
Nach Suchlauf: 90 Verzeichnis(se), 18.890.752.000 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 24760DEE2F664EEE2F75905CEB53BCD8
--- --- ---

.Anti. 14.09.2010 19:37
Sind wir fertig soweit? Oder hattest du bloß noch keine Zeit?


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131