Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) ua mit mwbam gefunden... (https://www.trojaner-board.de/92868-c-windows-system32-krnln-fnr-trojan-agent-ua-mwbam-gefunden.html)

pauls-mami 15.11.2010 11:23
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) ua mit mwbam gefunden...
 
Hallo Leute, bin grad am rechner von meinem lebensgefährten um den zu prüfen und finde natürlich auch gleich n paar sachen, die mir zu denken geben.

hab ich die nun erfolgreich entfernt oder sind die schädlinge noch drauf?
Danke schonmal, daß ihr euch meiner annehmt :dankeschoen:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5118

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15.11.2010 10:54:13
mbam-log-2010-11-15 (10-54-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|F:\|)
Durchsuchte Objekte: 220371
Laufzeit: 1 Stunde(n), 40 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\DelUS.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.dll (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\og.EDT (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ul.dll (Worm.AutoRun) -> Quarantined and deleted successfully.



OTL logfile created on: 15.11.2010 11:15:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\Enrico\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 76,68 Gb Total Space | 26,57 Gb Free Space | 34,65% Space Free | Partition Type: NTFS

Computer Name: ENNO | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Enrico\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Apps\2.0\0PGGTNK5.VGG\3CVVLDAY.Z99\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe (Curse)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\WINDOWS\system32\BRSVC01A.EXE (brother Industries Ltd)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Enrico\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Programme\Logitech\SetPoint\GameHook.dll (Logitech, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Prime95 Service) -- C:\Programme\Prime95\prime95.exe File not found
SRV - (HotSpotFSvc) -- C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (btwdins) -- C:\Programme\ASUS\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Brother XP spl Service) -- C:\WINDOWS\system32\BRSVC01A.EXE (brother Industries Ltd)


========== Driver Services (SafeList) ==========

DRV - (TSMPacket) -- C:\WINDOWS\System32\DRIVERS\tsmpkt.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys File not found
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4E.tmp File not found
DRV - (dsltestSp5) -- C:\WINDOWS\System32\Drivers\dsltestSp5.sys File not found
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\WINDOWS\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (SVKP) -- C:\WINDOWS\system32\SVKP.sys (AntiCracking)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (krait03) -- C:\WINDOWS\system32\drivers\krait.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (EIO) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (Razerlow) -- C:\WINDOWS\system32\drivers\Razerlow.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (ULI5261XP) -- C:\WINDOWS\system32\drivers\ULILAN51.SYS (ULi Electronics Inc.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://google.icq.com
IE - HKU\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-1801674531-527237240-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-527237240-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.11.15 08:55:06 | 000,000,000 | ---D | M]

[2010.01.24 11:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Extensions
[2009.08.26 19:21:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2010.01.24 11:46:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Firefox\Profiles\dvvmiu0u.default\extensions
[2010.01.24 11:46:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Firefox\Profiles\dvvmiu0u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.24 11:46:03 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Firefox\Profiles\dvvmiu0u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.01.24 11:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Firefox\Profiles\dvvmiu0u.default\extensions\staged-xpis
[2008.02.19 18:16:46 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Mozilla\Firefox\Profiles\dvvmiu0u.default\searchplugins\icqplugin.xml
[2010.02.18 23:19:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.24 17:06:44 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

O1 HOSTS File: ([2009.09.11 16:06:32 | 000,329,945 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11301 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-1801674531-527237240-839522115-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-527237240-839522115-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\DSL-Manager.lnk = C:\Programme\DSL-Manager\DslMgr.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\Enrico\Startmenü\Programme\Autostart\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &ICQ Toolbar Search - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ASUS\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230139466250 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Programme\Gemeinsame Dateien\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - AppInit_DLLs: (C:\DOKUME~1\ALLUSE~1\AVP11\mzvkbd3.dll) - C:\Dokumente und Einstellungen\All Users\AVP11\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\DOKUME~1\ALLUSE~1\AVP11\kloehk.dll) - C:\Dokumente und Einstellungen\All Users\AVP11\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.12 17:14:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da5f7c3d-926c-11de-88f0-00138f9375f1}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell - "" = AutoRun
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\1\Command - "" = G:\Recycled.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\2\Command - "" = G:\Recycled.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.15 11:14:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Enrico\Recent
[2010.11.15 11:13:36 | 002,811,584 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Enrico\Desktop\ccsetup300.exe
[2010.11.15 11:08:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.11.15 11:06:48 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Enrico\IECompatCache
[2010.11.15 10:51:45 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Enrico\Desktop\OTL.exe
[2010.11.15 09:06:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Malwarebytes
[2010.11.15 09:06:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.15 09:06:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.11.15 09:06:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.15 09:06:39 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.15 08:57:39 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\AVP11
[2010.11.15 08:47:21 | 111,361,648 | ---- | C] (Kaspersky Lab) -- C:\Dokumente und Einstellungen\Enrico\Desktop\kis11.0.1.400de.exe
[2010.10.24 19:31:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\DivX
[2010.10.24 19:30:31 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010.10.24 19:30:30 | 002,120,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010.10.24 19:30:30 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010.10.24 19:30:30 | 000,567,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010.10.24 19:30:30 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010.10.24 19:30:30 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010.10.24 19:30:30 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010.10.24 19:30:30 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2010.10.24 19:30:30 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2010.10.24 19:30:30 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010.10.24 19:30:30 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010.10.24 19:30:30 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010.10.24 19:30:30 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010.10.24 19:30:30 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010.10.24 19:29:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2010.10.24 19:25:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2009.05.03 12:33:23 | 002,938,128 | ---- | C] (ParetoLogic Inc.) -- C:\Programme\ParetoLogic DriverCure.exe
[2009.03.31 20:23:47 | 000,607,640 | ---- | C] (Sun Microsystems, Inc.) -- C:\Programme\jre-6u13-windows-i586-p-iftw.exe
[2006.06.01 16:22:00 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\Programme\nvudisp.exe
[2006.06.01 16:22:00 | 000,116,880 | ---- | C] (InstallShield Software Corporation) -- C:\Programme\setup.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.15 11:14:09 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2010.11.15 11:13:41 | 002,811,584 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Enrico\Desktop\ccsetup300.exe
[2010.11.15 11:06:10 | 000,000,820 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk
[2010.11.15 11:03:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.15 10:51:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Enrico\Desktop\OTL.exe
[2010.11.15 10:51:13 | 000,471,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Enrico\Desktop\Load.exe
[2010.11.15 09:06:45 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.15 08:52:47 | 111,361,648 | ---- | M] (Kaspersky Lab) -- C:\Dokumente und Einstellungen\Enrico\Desktop\kis11.0.1.400de.exe
[2010.11.14 19:06:05 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010.11.14 12:46:10 | 000,000,643 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\World of Warcraft.lnk
[2010.11.13 00:33:00 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2010.11.10 19:06:32 | 000,012,676 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.31 07:39:15 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.31 07:39:15 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.31 07:39:14 | 000,448,470 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.31 07:39:14 | 000,080,104 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.30 18:29:07 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.10.24 19:31:25 | 000,001,489 | ---- | M] () -- C:\Dokumente und Einstellungen\Enrico\Desktop\DivX Movies.lnk
[2010.10.24 19:30:51 | 000,000,773 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.10.24 19:30:19 | 000,000,819 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk
[2010.10.24 00:46:36 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.10.17 02:52:21 | 000,025,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.15 11:14:09 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2010.11.15 10:51:13 | 000,471,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Enrico\Desktop\Load.exe
[2010.11.15 09:06:45 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.24 19:31:25 | 000,001,489 | ---- | C] () -- C:\Dokumente und Einstellungen\Enrico\Desktop\DivX Movies.lnk
[2010.10.24 19:30:51 | 000,000,773 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.10.24 19:30:19 | 000,000,819 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk
[2010.01.24 00:11:15 | 000,582,376 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009.10.16 17:24:54 | 000,000,179 | ---- | C] () -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\setup.log
[2009.10.16 17:24:51 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\setup_ldm.iss
[2009.08.20 12:48:12 | 000,031,664 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009.08.14 14:06:06 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BO6050D.INI
[2009.08.14 14:05:54 | 000,000,053 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.03.29 20:49:03 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2008.07.12 13:56:00 | 000,000,170 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.12.18 18:30:12 | 000,003,333 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.11.15 22:16:42 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.10.20 19:10:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2007.10.20 19:05:29 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.06.25 09:03:19 | 003,655,608 | ---- | C] () -- C:\Programme\FLV PlayerRCATSetup.exe
[2007.06.25 08:59:51 | 025,990,432 | ---- | C] () -- C:\Programme\FLV PlayerRCSetup.exe
[2007.05.30 15:25:18 | 000,003,038 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.05.09 17:59:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007.04.01 08:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.04.01 07:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.03.03 14:53:52 | 000,000,855 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.03.03 14:53:52 | 000,000,550 | ---- | C] () -- C:\WINDOWS\brqikmon.ini
[2006.08.11 14:34:25 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2006.07.16 10:23:02 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.07.13 00:00:15 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.07.12 20:28:35 | 000,025,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.07.12 17:42:22 | 000,004,110 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2006.07.12 17:42:21 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006.06.08 03:12:18 | 000,029,771 | ---- | C] () -- C:\Programme\nv4_disp.cat
[2006.06.01 16:22:00 | 005,089,167 | ---- | C] () -- C:\Programme\NvCpl.dl_
[2006.06.01 16:22:00 | 004,885,833 | ---- | C] () -- C:\Programme\data1.cab
[2006.06.01 16:22:00 | 004,871,770 | ---- | C] () -- C:\Programme\nvDispS.dl_
[2006.06.01 16:22:00 | 003,154,410 | ---- | C] () -- C:\Programme\nvDispSR.dl_
[2006.06.01 16:22:00 | 002,854,132 | ---- | C] () -- C:\Programme\nvoglnt.dl_
[2006.06.01 16:22:00 | 002,552,660 | ---- | C] () -- C:\Programme\nvViTvS.dl_
[2006.06.01 16:22:00 | 002,482,864 | ---- | C] () -- C:\Programme\nv4_disp.dl_
[2006.06.01 16:22:00 | 002,223,867 | ---- | C] () -- C:\Programme\nvViTvSR.dl_
[2006.06.01 16:22:00 | 002,130,330 | ---- | C] () -- C:\Programme\nv4_mini.sy_
[2006.06.01 16:22:00 | 002,077,420 | ---- | C] () -- C:\Programme\nvGameS.dl_
[2006.06.01 16:22:00 | 001,621,793 | ---- | C] () -- C:\Programme\nvMoblSR.dl_
[2006.06.01 16:22:00 | 001,007,854 | ---- | C] () -- C:\Programme\nvGameSR.dl_
[2006.06.01 16:22:00 | 000,909,469 | ---- | C] () -- C:\Programme\nvwss.dl_
[2006.06.01 16:22:00 | 000,862,548 | ---- | C] () -- C:\Programme\nvwdmcpl.dl_
[2006.06.01 16:22:00 | 000,775,950 | ---- | C] () -- C:\Programme\nvwssr.dl_
[2006.06.01 16:22:00 | 000,651,818 | ---- | C] () -- C:\Programme\nview.dl_
[2006.06.01 16:22:00 | 000,643,821 | ---- | C] () -- C:\Programme\nwiz.ex_
[2006.06.01 16:22:00 | 000,574,412 | ---- | C] () -- C:\Programme\nvMoblS.dl_
[2006.06.01 16:22:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.06.01 16:22:00 | 000,468,523 | ---- | C] () -- C:\Programme\nvdspsch.ex_
[2006.06.01 16:22:00 | 000,459,544 | ---- | C] () -- C:\Programme\engine32.cab
[2006.06.01 16:22:00 | 000,435,969 | ---- | C] () -- C:\Programme\setup.ibt
[2006.06.01 16:22:00 | 000,430,506 | ---- | C] () -- C:\Programme\nvcplui.ex_
[2006.06.01 16:22:00 | 000,336,369 | ---- | C] () -- C:\Programme\nvwimg.dl_
[2006.06.01 16:22:00 | 000,320,874 | ---- | C] () -- C:\Programme\nvcpluir.dl_
[2006.06.01 16:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.06.01 16:22:00 | 000,237,685 | ---- | C] () -- C:\Programme\nvdspJPN.chm
[2006.06.01 16:22:00 | 000,236,552 | ---- | C] () -- C:\Programme\setup.inx
[2006.06.01 16:22:00 | 000,223,301 | ---- | C] () -- C:\Programme\nvdspKOR.chm
[2006.06.01 16:22:00 | 000,222,683 | ---- | C] () -- C:\Programme\nvdspTHA.chm
[2006.06.01 16:22:00 | 000,218,823 | ---- | C] () -- C:\Programme\nvdspELL.chm
[2006.06.01 16:22:00 | 000,218,813 | ---- | C] () -- C:\Programme\nvdspCHT.chm
[2006.06.01 16:22:00 | 000,216,226 | ---- | C] () -- C:\Programme\keystone.ex_
[2006.06.01 16:22:00 | 000,213,815 | ---- | C] () -- C:\Programme\nvdspCHS.chm
[2006.06.01 16:22:00 | 000,210,619 | ---- | C] () -- C:\Programme\nvdspSKY.chm
[2006.06.01 16:22:00 | 000,209,645 | ---- | C] () -- C:\Programme\nvdspRUS.chm
[2006.06.01 16:22:00 | 000,207,771 | ---- | C] () -- C:\Programme\nvdspSLV.chm
[2006.06.01 16:22:00 | 000,207,223 | ---- | C] () -- C:\Programme\nvdspHUN.chm
[2006.06.01 16:22:00 | 000,206,647 | ---- | C] () -- C:\Programme\nvdspPLK.chm
[2006.06.01 16:22:00 | 000,206,549 | ---- | C] () -- C:\Programme\nvdspHEB.chm
[2006.06.01 16:22:00 | 000,204,597 | ---- | C] () -- C:\Programme\nvdspTRK.chm
[2006.06.01 16:22:00 | 000,204,593 | ---- | C] () -- C:\Programme\nvappbar.ex_
[2006.06.01 16:22:00 | 000,204,403 | ---- | C] () -- C:\Programme\nvdspCSY.chm
[2006.06.01 16:22:00 | 000,201,575 | ---- | C] () -- C:\Programme\nvdspARA.chm
[2006.06.01 16:22:00 | 000,200,469 | ---- | C] () -- C:\Programme\nvdspDEU.chm
[2006.06.01 16:22:00 | 000,199,911 | ---- | C] () -- C:\Programme\nvshell.dl_
[2006.06.01 16:22:00 | 000,199,129 | ---- | C] () -- C:\Programme\nvdspFIN.chm
[2006.06.01 16:22:00 | 000,198,663 | ---- | C] () -- C:\Programme\nvdspITA.chm
[2006.06.01 16:22:00 | 000,196,205 | ---- | C] () -- C:\Programme\nvdspNLD.chm
[2006.06.01 16:22:00 | 000,195,673 | ---- | C] () -- C:\Programme\nvdspPTG.chm
[2006.06.01 16:22:00 | 000,195,361 | ---- | C] () -- C:\Programme\nvdspPTB.chm
[2006.06.01 16:22:00 | 000,193,581 | ---- | C] () -- C:\Programme\nvdspESN.chm
[2006.06.01 16:22:00 | 000,193,463 | ---- | C] () -- C:\Programme\nvdspESM.chm
[2006.06.01 16:22:00 | 000,189,993 | ---- | C] () -- C:\Programme\nvdspFRA.chm
[2006.06.01 16:22:00 | 000,188,933 | ---- | C] () -- C:\Programme\nvdspDAN.chm
[2006.06.01 16:22:00 | 000,187,809 | ---- | C] () -- C:\Programme\NVCPHU.HL_
[2006.06.01 16:22:00 | 000,187,583 | ---- | C] () -- C:\Programme\nvdspSVE.chm
[2006.06.01 16:22:00 | 000,187,317 | ---- | C] () -- C:\Programme\nvdspNOR.chm
[2006.06.01 16:22:00 | 000,182,237 | ---- | C] () -- C:\Programme\nvdsp.chm
[2006.06.01 16:22:00 | 000,178,432 | ---- | C] () -- C:\Programme\NVCPTR.HL_
[2006.06.01 16:22:00 | 000,176,760 | ---- | C] () -- C:\Programme\setup.bmp
[2006.06.01 16:22:00 | 000,170,522 | ---- | C] () -- C:\Programme\NVCPDE.HL_
[2006.06.01 16:22:00 | 000,170,440 | ---- | C] () -- C:\Programme\NVCPPL.HL_
[2006.06.01 16:22:00 | 000,170,358 | ---- | C] () -- C:\Programme\nvMccsSR.dl_
[2006.06.01 16:22:00 | 000,167,948 | ---- | C] () -- C:\Programme\NVCPHE.HL_
[2006.06.01 16:22:00 | 000,166,046 | ---- | C] () -- C:\Programme\NVCPSL.HL_
[2006.06.01 16:22:00 | 000,165,790 | ---- | C] () -- C:\Programme\NVCPFI.HL_
[2006.06.01 16:22:00 | 000,164,855 | ---- | C] () -- C:\Programme\NVCPPT.HL_
[2006.06.01 16:22:00 | 000,164,431 | ---- | C] () -- C:\Programme\NVCPSV.HL_
[2006.06.01 16:22:00 | 000,164,091 | ---- | C] () -- C:\Programme\nvmccs.dl_
[2006.06.01 16:22:00 | 000,163,556 | ---- | C] () -- C:\Programme\NVCPPTB.HL_
[2006.06.01 16:22:00 | 000,163,306 | ---- | C] () -- C:\Programme\NVCPFR.HL_
[2006.06.01 16:22:00 | 000,162,460 | ---- | C] () -- C:\Programme\NVCPES.HL_
[2006.06.01 16:22:00 | 000,161,942 | ---- | C] () -- C:\Programme\NVCPESM.HL_
[2006.06.01 16:22:00 | 000,161,823 | ---- | C] () -- C:\Programme\NVCPDA.HL_
[2006.06.01 16:22:00 | 000,157,650 | ---- | C] () -- C:\Programme\NVCPRU.HL_
[2006.06.01 16:22:00 | 000,157,341 | ---- | C] () -- C:\Programme\NVCPJA.HL_
[2006.06.01 16:22:00 | 000,157,304 | ---- | C] () -- C:\Programme\NVCPNL.HL_
[2006.06.01 16:22:00 | 000,155,845 | ---- | C] () -- C:\Programme\nvnt4cpl.dl_
[2006.06.01 16:22:00 | 000,155,762 | ---- | C] () -- C:\Programme\NVCPNO.HL_
[2006.06.01 16:22:00 | 000,154,236 | ---- | C] () -- C:\Programme\NVCPIT.HL_
[2006.06.01 16:22:00 | 000,153,963 | ---- | C] () -- C:\Programme\nvhwvid.dl_
[2006.06.01 16:22:00 | 000,153,650 | ---- | C] () -- C:\Programme\nvexpbar.dl_
[2006.06.01 16:22:00 | 000,152,109 | ---- | C] () -- C:\Programme\NVCPTH.HL_
[2006.06.01 16:22:00 | 000,149,608 | ---- | C] () -- C:\Programme\NVCPZHT.HL_
[2006.06.01 16:22:00 | 000,149,486 | ---- | C] () -- C:\Programme\NVCPZHC.HL_
[2006.06.01 16:22:00 | 000,149,357 | ---- | C] () -- C:\Programme\NVCPL.HL_
[2006.06.01 16:22:00 | 000,148,645 | ---- | C] () -- C:\Programme\NVCPENG.HL_
[2006.06.01 16:22:00 | 000,147,387 | ---- | C] () -- C:\Programme\NVCPEL.HL_
[2006.06.01 16:22:00 | 000,143,674 | ---- | C] () -- C:\Programme\NVCPAR.HL_
[2006.06.01 16:22:00 | 000,141,079 | ---- | C] () -- C:\Programme\NVCPSK.HL_
[2006.06.01 16:22:00 | 000,140,903 | ---- | C] () -- C:\Programme\NVCPKO.HL_
[2006.06.01 16:22:00 | 000,139,615 | ---- | C] () -- C:\Programme\NVCPCS.HL_
[2006.06.01 16:22:00 | 000,116,333 | ---- | C] () -- C:\Programme\nv3dJPN.chm
[2006.06.01 16:22:00 | 000,112,329 | ---- | C] () -- C:\Programme\nvcpljpn.chm
[2006.06.01 16:22:00 | 000,111,149 | ---- | C] () -- C:\Programme\nvcpltha.chm
[2006.06.01 16:22:00 | 000,110,927 | ---- | C] () -- C:\Programme\nv3dTHA.chm
[2006.06.01 16:22:00 | 000,110,495 | ---- | C] () -- C:\Programme\nvcplell.chm
[2006.06.01 16:22:00 | 000,109,653 | ---- | C] () -- C:\Programme\nvcplplk.chm
[2006.06.01 16:22:00 | 000,109,511 | ---- | C] () -- C:\Programme\nvcpltrk.chm
[2006.06.01 16:22:00 | 000,109,375 | ---- | C] () -- C:\Programme\nvcplslv.chm
[2006.06.01 16:22:00 | 000,109,143 | ---- | C] () -- C:\Programme\nvcplsky.chm
[2006.06.01 16:22:00 | 000,108,949 | ---- | C] () -- C:\Programme\nvcplheb.chm
[2006.06.01 16:22:00 | 000,108,949 | ---- | C] () -- C:\Programme\nvcplfin.chm
[2006.06.01 16:22:00 | 000,108,793 | ---- | C] () -- C:\Programme\nvcplhun.chm
[2006.06.01 16:22:00 | 000,108,587 | ---- | C] () -- C:\Programme\nvcplkor.chm
[2006.06.01 16:22:00 | 000,108,497 | ---- | C] () -- C:\Programme\nvcplcsy.chm
[2006.06.01 16:22:00 | 000,108,491 | ---- | C] () -- C:\Programme\nvcplrus.chm
[2006.06.01 16:22:00 | 000,108,159 | ---- | C] () -- C:\Programme\nvcplcht.chm
[2006.06.01 16:22:00 | 000,108,110 | ---- | C] () -- C:\Programme\NVRSHE.dl_
[2006.06.01 16:22:00 | 000,107,787 | ---- | C] () -- C:\Programme\nvcplara.chm
[2006.06.01 16:22:00 | 000,107,715 | ---- | C] () -- C:\Programme\nvcplesn.chm
[2006.06.01 16:22:00 | 000,107,619 | ---- | C] () -- C:\Programme\NVRSAR.dl_
[2006.06.01 16:22:00 | 000,107,557 | ---- | C] () -- C:\Programme\nv3dHEB.chm
[2006.06.01 16:22:00 | 000,107,365 | ---- | C] () -- C:\Programme\nvcplita.chm
[2006.06.01 16:22:00 | 000,106,941 | ---- | C] () -- C:\Programme\nvcplchs.chm
[2006.06.01 16:22:00 | 000,106,767 | ---- | C] () -- C:\Programme\nv3dELL.chm
[2006.06.01 16:22:00 | 000,106,693 | ---- | C] () -- C:\Programme\nv3dKOR.chm
[2006.06.01 16:22:00 | 000,106,659 | ---- | C] () -- C:\Programme\nvcplptg.chm
[2006.06.01 16:22:00 | 000,106,571 | ---- | C] () -- C:\Programme\nvcplptb.chm
[2006.06.01 16:22:00 | 000,106,513 | ---- | C] () -- C:\Programme\nvcpldeu.chm
[2006.06.01 16:22:00 | 000,106,413 | ---- | C] () -- C:\Programme\nv3dPLK.chm
[2006.06.01 16:22:00 | 000,106,413 | ---- | C] () -- C:\Programme\nv3dARA.chm
[2006.06.01 16:22:00 | 000,106,245 | ---- | C] () -- C:\Programme\nvcplesm.chm
[2006.06.01 16:22:00 | 000,105,997 | ---- | C] () -- C:\Programme\nv3dSKY.chm
[2006.06.01 16:22:00 | 000,105,933 | ---- | C] () -- C:\Programme\nv3dCHT.chm
[2006.06.01 16:22:00 | 000,105,689 | ---- | C] () -- C:\Programme\nv3dRUS.chm
[2006.06.01 16:22:00 | 000,105,603 | ---- | C] () -- C:\Programme\nv3dTRK.chm
[2006.06.01 16:22:00 | 000,105,249 | ---- | C] () -- C:\Programme\nvcplsve.chm
[2006.06.01 16:22:00 | 000,105,211 | ---- | C] () -- C:\Programme\nvcplnld.chm
[2006.06.01 16:22:00 | 000,105,121 | ---- | C] () -- C:\Programme\nvcplfra.chm
[2006.06.01 16:22:00 | 000,105,025 | ---- | C] () -- C:\Programme\nvcplnor.chm
[2006.06.01 16:22:00 | 000,104,809 | ---- | C] () -- C:\Programme\nvcpldan.chm
[2006.06.01 16:22:00 | 000,104,248 | ---- | C] () -- C:\Programme\nvcpl.chm
[2006.06.01 16:22:00 | 000,104,183 | ---- | C] () -- C:\Programme\nvcpleng.chm
[2006.06.01 16:22:00 | 000,103,867 | ---- | C] () -- C:\Programme\nv3dSLV.chm
[2006.06.01 16:22:00 | 000,103,723 | ---- | C] () -- C:\Programme\nv3dDEU.chm
[2006.06.01 16:22:00 | 000,103,591 | ---- | C] () -- C:\Programme\nv3dCHS.chm
[2006.06.01 16:22:00 | 000,103,238 | ---- | C] () -- C:\Programme\nvMccsS.dl_
[2006.06.01 16:22:00 | 000,103,225 | ---- | C] () -- C:\Programme\nv3dCSY.chm
[2006.06.01 16:22:00 | 000,102,949 | ---- | C] () -- C:\Programme\nv3dESM.chm
[2006.06.01 16:22:00 | 000,102,737 | ---- | C] () -- C:\Programme\nv3dHUN.chm
[2006.06.01 16:22:00 | 000,102,605 | ---- | C] () -- C:\Programme\nv3dFIN.chm
[2006.06.01 16:22:00 | 000,102,543 | ---- | C] () -- C:\Programme\nv3dESN.chm
[2006.06.01 16:22:00 | 000,100,466 | ---- | C] () -- C:\Programme\NVRSJA.dl_
[2006.06.01 16:22:00 | 000,100,227 | ---- | C] () -- C:\Programme\nv3dITA.chm
[2006.06.01 16:22:00 | 000,099,455 | ---- | C] () -- C:\Programme\nv3dPTG.chm
[2006.06.01 16:22:00 | 000,099,438 | ---- | C] () -- C:\Programme\nv3d.chm
[2006.06.01 16:22:00 | 000,099,405 | ---- | C] () -- C:\Programme\nv3dPTB.chm
[2006.06.01 16:22:00 | 000,099,389 | ---- | C] () -- C:\Programme\nvwrsel.dl_
[2006.06.01 16:22:00 | 000,099,189 | ---- | C] () -- C:\Programme\NVRSKO.dl_
[2006.06.01 16:22:00 | 000,099,181 | ---- | C] () -- C:\Programme\nv3dDAN.chm
[2006.06.01 16:22:00 | 000,098,529 | ---- | C] () -- C:\Programme\nv3dSVE.chm
[2006.06.01 16:22:00 | 000,098,529 | ---- | C] () -- C:\Programme\nv3dNLD.chm
[2006.06.01 16:22:00 | 000,097,581 | ---- | C] () -- C:\Programme\nv3dNOR.chm
[2006.06.01 16:22:00 | 000,097,459 | ---- | C] () -- C:\Programme\nv3dFRA.chm
[2006.06.01 16:22:00 | 000,096,145 | ---- | C] () -- C:\Programme\nv3dENG.chm
[2006.06.01 16:22:00 | 000,095,226 | ---- | C] () -- C:\Programme\nvwrsru.dl_
[2006.06.01 16:22:00 | 000,093,693 | ---- | C] () -- C:\Programme\nvwrshu.dl_
[2006.06.01 16:22:00 | 000,093,302 | ---- | C] () -- C:\Programme\NVRSZHC.dl_
[2006.06.01 16:22:00 | 000,092,516 | ---- | C] () -- C:\Programme\nvwrses.dl_
[2006.06.01 16:22:00 | 000,090,968 | ---- | C] () -- C:\Programme\nvwrsfr.dl_
[2006.06.01 16:22:00 | 000,090,925 | ---- | C] () -- C:\Programme\nvwrspt.dl_
[2006.06.01 16:22:00 | 000,090,406 | ---- | C] () -- C:\Programme\nvwrsesm.dl_
[2006.06.01 16:22:00 | 000,090,361 | ---- | C] () -- C:\Programme\nvwrsnl.dl_
[2006.06.01 16:22:00 | 000,090,357 | ---- | C] () -- C:\Programme\nvapi.dl_
[2006.06.01 16:22:00 | 000,090,104 | ---- | C] () -- C:\Programme\nvwrsde.dl_
[2006.06.01 16:22:00 | 000,090,002 | ---- | C] () -- C:\Programme\nvwrssk.dl_
[2006.06.01 16:22:00 | 000,089,669 | ---- | C] () -- C:\Programme\nvwrspl.dl_
[2006.06.01 16:22:00 | 000,089,560 | ---- | C] () -- C:\Programme\nvwrsit.dl_
[2006.06.01 16:22:00 | 000,089,507 | ---- | C] () -- C:\Programme\nvwrsptb.dl_
[2006.06.01 16:22:00 | 000,088,830 | ---- | C] () -- C:\Programme\nvwrstr.dl_
[2006.06.01 16:22:00 | 000,088,232 | ---- | C] () -- C:\Programme\nvwrssl.dl_
[2006.06.01 16:22:00 | 000,088,197 | ---- | C] () -- C:\Programme\NVRSEL.dl_
[2006.06.01 16:22:00 | 000,087,448 | ---- | C] () -- C:\Programme\nvwrsfi.dl_
[2006.06.01 16:22:00 | 000,087,214 | ---- | C] () -- C:\Programme\nvwrscs.dl_
[2006.06.01 16:22:00 | 000,087,042 | ---- | C] () -- C:\Programme\nvsvc32.ex_
[2006.06.01 16:22:00 | 000,086,200 | ---- | C] () -- C:\Programme\NvColor.ex_
[2006.06.01 16:22:00 | 000,085,244 | ---- | C] () -- C:\Programme\nvwrsda.dl_
[2006.06.01 16:22:00 | 000,085,082 | ---- | C] () -- C:\Programme\nvwrsno.dl_
[2006.06.01 16:22:00 | 000,085,066 | ---- | C] () -- C:\Programme\nvwrssv.dl_
[2006.06.01 16:22:00 | 000,085,028 | ---- | C] () -- C:\Programme\NVRSRU.dl_
[2006.06.01 16:22:00 | 000,084,018 | ---- | C] () -- C:\Programme\nvwrshe.dl_
[2006.06.01 16:22:00 | 000,083,744 | ---- | C] () -- C:\Programme\nvwrsar.dl_
[2006.06.01 16:22:00 | 000,083,305 | ---- | C] () -- C:\Programme\NVRSDE.dl_
[2006.06.01 16:22:00 | 000,081,945 | ---- | C] () -- C:\Programme\NVRSSK.dl_
[2006.06.01 16:22:00 | 000,081,709 | ---- | C] () -- C:\Programme\NVRSFR.dl_
[2006.06.01 16:22:00 | 000,081,603 | ---- | C] () -- C:\Programme\nvwrseng.dl_
[2006.06.01 16:22:00 | 000,081,370 | ---- | C] () -- C:\Programme\NVRSES.dl_
[2006.06.01 16:22:00 | 000,080,831 | ---- | C] () -- C:\Programme\NVRSHU.dl_
[2006.06.01 16:22:00 | 000,080,695 | ---- | C] () -- C:\Programme\NVEPClnt.ex_
[2006.06.01 16:22:00 | 000,080,624 | ---- | C] () -- C:\Programme\NVRSNL.dl_
[2006.06.01 16:22:00 | 000,080,607 | ---- | C] () -- C:\Programme\NVRSIT.dl_
[2006.06.01 16:22:00 | 000,080,383 | ---- | C] () -- C:\Programme\NVRSPL.dl_
[2006.06.01 16:22:00 | 000,079,977 | ---- | C] () -- C:\Programme\NVRSTH.dl_
[2006.06.01 16:22:00 | 000,079,945 | ---- | C] () -- C:\Programme\NVRSPT.dl_
[2006.06.01 16:22:00 | 000,079,309 | ---- | C] () -- C:\Programme\NVRSCS.dl_
[2006.06.01 16:22:00 | 000,079,235 | ---- | C] () -- C:\Programme\NVRSTR.dl_
[2006.06.01 16:22:00 | 000,079,092 | ---- | C] () -- C:\Programme\NVRSESM.dl_
[2006.06.01 16:22:00 | 000,078,597 | ---- | C] () -- C:\Programme\NVRSPTB.dl_
[2006.06.01 16:22:00 | 000,078,369 | ---- | C] () -- C:\Programme\NVRSSL.dl_
[2006.06.01 16:22:00 | 000,076,320 | ---- | C] () -- C:\Programme\NVRSDA.dl_
[2006.06.01 16:22:00 | 000,075,822 | ---- | C] () -- C:\Programme\NVRSSV.dl_
[2006.06.01 16:22:00 | 000,075,584 | ---- | C] () -- C:\Programme\NVRSFI.dl_
[2006.06.01 16:22:00 | 000,075,541 | ---- | C] () -- C:\Programme\NVRSNO.dl_
[2006.06.01 16:22:00 | 000,073,899 | ---- | C] () -- C:\Programme\NVRSENG.dl_
[2006.06.01 16:22:00 | 000,073,248 | ---- | C] () -- C:\Programme\nvwrsja.dl_
[2006.06.01 16:22:00 | 000,069,681 | ---- | C] () -- C:\Programme\nvwrsko.dl_
[2006.06.01 16:22:00 | 000,068,593 | ---- | C] () -- C:\Programme\setup.skin
[2006.06.01 16:22:00 | 000,066,670 | ---- | C] () -- C:\Programme\modes.txt
[2006.06.01 16:22:00 | 000,066,220 | ---- | C] () -- C:\Programme\nvwrszht.dl_
[2006.06.01 16:22:00 | 000,065,203 | ---- | C] () -- C:\Programme\nvwrszhc.dl_
[2006.06.01 16:22:00 | 000,060,169 | ---- | C] () -- C:\Programme\nvmobJPN.chm
[2006.06.01 16:22:00 | 000,058,989 | ---- | C] () -- C:\Programme\nvmobKOR.chm
[2006.06.01 16:22:00 | 000,058,989 | ---- | C] () -- C:\Programme\nvmobCHT.chm
[2006.06.01 16:22:00 | 000,058,975 | ---- | C] () -- C:\Programme\nvmobTHA.chm
[2006.06.01 16:22:00 | 000,058,433 | ---- | C] () -- C:\Programme\nvmobELL.chm
[2006.06.01 16:22:00 | 000,058,265 | ---- | C] () -- C:\Programme\nvmobHEB.chm
[2006.06.01 16:22:00 | 000,058,009 | ---- | C] () -- C:\Programme\nvmobCHS.chm
[2006.06.01 16:22:00 | 000,057,505 | ---- | C] () -- C:\Programme\nvmobPLK.chm
[2006.06.01 16:22:00 | 000,057,271 | ---- | C] () -- C:\Programme\nvmobARA.chm
[2006.06.01 16:22:00 | 000,057,135 | ---- | C] () -- C:\Programme\nvmobHUN.chm
[2006.06.01 16:22:00 | 000,057,085 | ---- | C] () -- C:\Programme\nvmobTRK.chm
[2006.06.01 16:22:00 | 000,057,065 | ---- | C] () -- C:\Programme\NVRSZHT.dl_
[2006.06.01 16:22:00 | 000,057,065 | ---- | C] () -- C:\Programme\nvmobRUS.chm
[2006.06.01 16:22:00 | 000,057,003 | ---- | C] () -- C:\Programme\nvmobSKY.chm
[2006.06.01 16:22:00 | 000,056,769 | ---- | C] () -- C:\Programme\nvmobSLV.chm
[2006.06.01 16:22:00 | 000,056,641 | ---- | C] () -- C:\Programme\nvmobFIN.chm
[2006.06.01 16:22:00 | 000,056,411 | ---- | C] () -- C:\Programme\nvmobCSY.chm
[2006.06.01 16:22:00 | 000,055,905 | ---- | C] () -- C:\Programme\nvmobITA.chm
[2006.06.01 16:22:00 | 000,055,873 | ---- | C] () -- C:\Programme\nvmobDEU.chm
[2006.06.01 16:22:00 | 000,055,639 | ---- | C] () -- C:\Programme\nvmobPTG.chm
[2006.06.01 16:22:00 | 000,055,539 | ---- | C] () -- C:\Programme\nvmobESM.chm
[2006.06.01 16:22:00 | 000,055,527 | ---- | C] () -- C:\Programme\nvmobESN.chm
[2006.06.01 16:22:00 | 000,055,457 | ---- | C] () -- C:\Programme\nvmobNLD.chm
[2006.06.01 16:22:00 | 000,055,387 | ---- | C] () -- C:\Programme\nvmobSVE.chm
[2006.06.01 16:22:00 | 000,055,351 | ---- | C] () -- C:\Programme\nvmobPTB.chm
[2006.06.01 16:22:00 | 000,055,343 | ---- | C] () -- C:\Programme\nvmobFRA.chm
[2006.06.01 16:22:00 | 000,055,235 | ---- | C] () -- C:\Programme\nvmobNOR.chm
[2006.06.01 16:22:00 | 000,055,183 | ---- | C] () -- C:\Programme\nvmobDAN.chm
[2006.06.01 16:22:00 | 000,054,878 | ---- | C] () -- C:\Programme\nvmob.chm
[2006.06.01 16:22:00 | 000,050,711 | ---- | C] () -- C:\Programme\nv4_disp.inf
[2006.06.01 16:22:00 | 000,048,486 | ---- | C] () -- C:\Programme\nvwddi.dl_
[2006.06.01 16:22:00 | 000,048,187 | ---- | C] () -- C:\Programme\nvwcphu.hl_
[2006.06.01 16:22:00 | 000,047,242 | ---- | C] () -- C:\Programme\nvwcptr.hl_
[2006.06.01 16:22:00 | 000,046,147 | ---- | C] () -- C:\Programme\nvwcppl.hl_
[2006.06.01 16:22:00 | 000,044,545 | ---- | C] () -- C:\Programme\nvwcpsk.hl_
[2006.06.01 16:22:00 | 000,044,070 | ---- | C] () -- C:\Programme\NvMCTray.dl_
[2006.06.01 16:22:00 | 000,043,453 | ---- | C] () -- C:\Programme\nvwcpde.hl_
[2006.06.01 16:22:00 | 000,042,442 | ---- | C] () -- C:\Programme\nvwcpfi.hl_
[2006.06.01 16:22:00 | 000,042,172 | ---- | C] () -- C:\Programme\nvwcpsv.hl_
[2006.06.01 16:22:00 | 000,042,138 | ---- | C] () -- C:\Programme\nvwcpfr.hl_
[2006.06.01 16:22:00 | 000,042,133 | ---- | C] () -- C:\Programme\nvwcpsl.hl_
[2006.06.01 16:22:00 | 000,041,746 | ---- | C] () -- C:\Programme\nvwcppt.hl_
[2006.06.01 16:22:00 | 000,041,475 | ---- | C] () -- C:\Programme\nvwcpru.hl_
[2006.06.01 16:22:00 | 000,041,415 | ---- | C] () -- C:\Programme\nvwcpptb.hl_
[2006.06.01 16:22:00 | 000,041,254 | ---- | C] () -- C:\Programme\nvwcpel.hl_
[2006.06.01 16:22:00 | 000,041,106 | ---- | C] () -- C:\Programme\nvwcphe.hl_
[2006.06.01 16:22:00 | 000,040,980 | ---- | C] () -- C:\Programme\nvwcpko.hl_
[2006.06.01 16:22:00 | 000,040,978 | ---- | C] () -- C:\Programme\nvwcpda.hl_
[2006.06.01 16:22:00 | 000,040,703 | ---- | C] () -- C:\Programme\nvwcpnl.hl_
[2006.06.01 16:22:00 | 000,039,750 | ---- | C] () -- C:\Programme\nvwcpit.hl_
[2006.06.01 16:22:00 | 000,039,708 | ---- | C] () -- C:\Programme\nvwcpno.hl_
[2006.06.01 16:22:00 | 000,039,572 | ---- | C] () -- C:\Programme\nvwcpja.hl_
[2006.06.01 16:22:00 | 000,039,558 | ---- | C] () -- C:\Programme\nvwcpes.hl_
[2006.06.01 16:22:00 | 000,039,524 | ---- | C] () -- C:\Programme\nvwcpcs.hl_
[2006.06.01 16:22:00 | 000,039,144 | ---- | C] () -- C:\Programme\nvwcpesm.hl_
[2006.06.01 16:22:00 | 000,039,039 | ---- | C] () -- C:\Programme\nvwcpar.hl_
[2006.06.01 16:22:00 | 000,037,652 | ---- | C] () -- C:\Programme\nvcpl.cp_
[2006.06.01 16:22:00 | 000,037,514 | ---- | C] () -- C:\Programme\nvwcpeng.hl_
[2006.06.01 16:22:00 | 000,037,359 | ---- | C] () -- C:\Programme\nvwcplen.hl_
[2006.06.01 16:22:00 | 000,036,005 | ---- | C] () -- C:\Programme\nvwcpth.hl_
[2006.06.01 16:22:00 | 000,035,237 | ---- | C] () -- C:\Programme\nvtuicpl.cp_
[2006.06.01 16:22:00 | 000,033,585 | ---- | C] () -- C:\Programme\nvwcpzhc.hl_
[2006.06.01 16:22:00 | 000,032,242 | ---- | C] () -- C:\Programme\nvwcpzht.hl_
[2006.06.01 16:22:00 | 000,029,080 | ---- | C] () -- C:\Programme\data1.hdr
[2006.06.01 16:22:00 | 000,023,556 | ---- | C] () -- C:\Programme\nvcod.dl_
[2006.06.01 16:22:00 | 000,016,960 | ---- | C] () -- C:\Programme\NVDisp.nvu
[2006.06.01 16:22:00 | 000,014,730 | ---- | C] () -- C:\Programme\NvApps.xm_
[2006.06.01 16:22:00 | 000,010,222 | ---- | C] () -- C:\Programme\default.tv_
[2006.06.01 16:22:00 | 000,009,972 | ---- | C] () -- C:\Programme\NvwsApps.xm_
[2006.06.01 16:22:00 | 000,009,110 | ---- | C] () -- C:\Programme\nvmccsrs.dl_
[2006.06.01 16:22:00 | 000,006,144 | ---- | C] () -- C:\Programme\Finance.tv_
[2006.06.01 16:22:00 | 000,006,101 | ---- | C] () -- C:\Programme\Advanced.tv_
[2006.06.01 16:22:00 | 000,005,857 | ---- | C] () -- C:\Programme\DCC.tv_
[2006.06.01 16:22:00 | 000,005,661 | ---- | C] () -- C:\Programme\CAD.tv_
[2006.06.01 16:22:00 | 000,000,862 | ---- | C] () -- C:\Programme\setup.ini
[2006.06.01 16:22:00 | 000,000,512 | ---- | C] () -- C:\Programme\data2.cab
[2006.06.01 16:22:00 | 000,000,510 | ---- | C] () -- C:\Programme\layout.bin
[2006.06.01 16:22:00 | 000,000,431 | ---- | C] () -- C:\Programme\setup.iss
[2004.08.04 01:57:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999.01.23 02:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2009.05.06 15:41:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverCure
[2008.05.26 18:49:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2008.12.23 16:17:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET
[2008.05.23 09:56:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Funcom
[2008.07.17 13:59:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.05.03 12:36:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2009.08.22 12:13:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2009.02.06 17:42:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL Manager
[2009.02.06 17:42:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2009.08.26 19:21:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2009.12.05 20:07:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008.09.18 16:54:34 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\.#
[2008.11.23 12:16:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Acreon
[2007.10.20 19:15:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\ConvertTemp
[2008.08.07 19:42:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\DAEMON Tools
[2009.05.06 15:38:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\DriverCure
[2008.07.17 14:00:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\ICQ
[2006.07.20 20:59:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\ICQLite
[2006.07.17 15:18:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Opera
[2007.05.09 18:00:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Panasonic
[2007.10.20 19:15:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Samsung
[2007.07.02 08:11:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\T-DSL Manager
[2007.06.01 14:09:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\T-DSL SpeedManager
[2007.10.20 19:15:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\Temporary
[2009.08.26 19:21:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\TomTom
[2007.10.20 19:15:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\TransRender
[2010.03.19 19:51:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\TS3Client
[2008.11.03 18:47:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\WEB.DE
[2008.10.09 22:33:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\XnView
[2009.02.17 21:32:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\SACore
[2010.11.14 19:06:05 | 000,000,452 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2010.11.13 00:33:00 | 000,000,426 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 15.11.2010 11:15:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\Enrico\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 76,68 Gb Total Space | 26,57 Gb Free Space | 34,65% Space Free | Partition Type: NTFS

Computer Name: ENNO | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Opera\Opera.exe" (Opera Software)
https [open] -- "C:\Programme\Opera\Opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader
"6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Disabled:ICQ Lite -- File not found
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Temp\Blizzard Launcher Temporary - 03d8e4d0\Launcher.exe" = C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Temp\Blizzard Launcher Temporary - 03d8e4d0\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- File not found
"C:\wow\BackgroundDownloader.exe" = C:\wow\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = C:\wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\wow\Launcher.exe" = C:\wow\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\wow\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\wow\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\wow\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\wow\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found
"C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Apps\2.0\0PGGTNK5.VGG\3CVVLDAY.Z99\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe" = C:\Dokumente und Einstellungen\Enrico\Lokale Einstellungen\Apps\2.0\0PGGTNK5.VGG\3CVVLDAY.Z99\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{143BE018-D8F8-4014-8CB6-AF63F5799D21}" = ULi LAN Driver
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0 Demo
"{20F0F67B-CB0F-4C85-B6F2-133D9CB70614}" = Samsung PC Studio
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-185C
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ASUS Bluetooth Software
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A047546B-1FC0-42AB-972E-EC689D9CF08D}" = CAMagic Mobile for Bluetooth
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"ie8" = Windows Internet Explorer 8
"InstallShield_{3C3B2C97-0DAB-482F-9C95-6610827210E3}" = ASUS nVIDIA Driver
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"IrfanView" = IrfanView (remove only)
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ST6UNST #1" = BEWERBUNGS-MASTER
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamSpeakOverlay" = TeamSpeak Overlay BETA 2 (#63)
"TomTom HOME" = TomTom HOME 2.7.4.1962
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.94.1
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-527237240-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.05.2010 18:09:34 | Computer Name = ENNO | Source = nview_info | ID = 11141121
Description =

Error - 21.05.2010 12:37:34 | Computer Name = ENNO | Source = nview_info | ID = 11141121
Description =

Error - 29.05.2010 20:43:08 | Computer Name = ENNO | Source = nview_info | ID = 11141121
Description =

Error - 30.05.2010 17:13:16 | Computer Name = ENNO | Source = nview_info | ID = 11141121
Description =

Error - 03.06.2010 07:13:37 | Computer Name = ENNO | Source = TomTomHOMEService | ID = 10000
Description =

Error - 11.07.2010 03:10:20 | Computer Name = ENNO | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .

Error - 11.07.2010 03:10:20 | Computer Name = ENNO | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .

Error - 14.10.2010 12:53:54 | Computer Name = ENNO | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .

Error - 14.10.2010 12:53:54 | Computer Name = ENNO | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .

Error - 14.11.2010 16:49:44 | Computer Name = ENNO | Source = MsiInstaller | ID = 1013
Description = Programm: Kaspersky PURE -- Auf Ihrem Computer ist bereits eine Kaspersky-Lab-Anwendung
installiert. Bitte entfernen Sie diese Anwendung vor der Installation von Kaspersky
PURE.

[ System Events ]
Error - 14.11.2010 17:55:55 | Computer Name = ENNO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 14.11.2010 17:55:55 | Computer Name = ENNO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd

Error - 15.11.2010 03:39:07 | Computer Name = ENNO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 15.11.2010 03:39:07 | Computer Name = ENNO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd

Error - 15.11.2010 04:00:50 | Computer Name = ENNO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 15.11.2010 04:00:50 | Computer Name = ENNO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd

Error - 15.11.2010 05:57:52 | Computer Name = ENNO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 15.11.2010 05:57:52 | Computer Name = ENNO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AliIde sptd

Error - 15.11.2010 06:05:26 | Computer Name = ENNO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 15.11.2010 06:05:26 | Computer Name = ENNO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd


< End of report >

cosinus 15.11.2010 22:43
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
DRV - (TSMPacket) -- C:\WINDOWS\System32\DRIVERS\tsmpkt.sys File not found
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4E.tmp File not found
DRV - (dsltestSp5) -- C:\WINDOWS\System32\Drivers\dsltestSp5.sys File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.12 17:14:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da5f7c3d-926c-11de-88f0-00138f9375f1}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell - "" = AutoRun
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\1\Command - "" = G:\Recycled.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\2\Command - "" = G:\Recycled.exe -- File not found
O33 - MountPoints2\{e9493ff6-d0e1-11dd-87c2-00138f9375f1}\Shell\AutoRun - "" = Auto&Play
[2008.09.18 16:54:34 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\Enrico\Anwendungsdaten\.#
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131