So, first the log file from Malware.
Should I delete the infected objects? I'm really surprised, it's 17 files after all...
Malwarebytes' Anti-Malware 1.50
Malwarebytes
Datenbank Version: 5365
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
21.12.2010 18:38:20
mbam-log-2010-12-21 (18-38-13).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|I:\|)
Durchsuchte Objekte: 539617
Laufzeit: 3 Stunde(n), 40 Minute(n), 16 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 1
Infizierte Dateien: 11
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenU) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MRSoft (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> No action taken.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,,C:\Programme\kUZGTcxF\ipbdbthb.exeC:\WINDOWS\system32\appconf32.exe,C:\WINDOWS\system32\appconf32.exe,) Good: (userinit.exe) -> No action taken.
Infizierte Verzeichnisse:
c:\WINDOWS\system32\xmldm (Stolen.Data) -> No action taken.
Infizierte Dateien:
c:\system volume information\_restore{dda8f792-c2b0-4847-9b0a-bbb3d54ec7bc}\RP3\A0002379.exe (Spyware.Passwords.XGen) -> No action taken.
d:\xilisoft dvd ripper ultimate 5.0.63.-0303-multi-inkl.serail\Z-keygen.exe (Trojan.Agent.CK) -> No action taken.
c:\dokumente und einstellungen\compi\anwendungsdaten\avdrn.dat (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\acroiehelpe.dll (Trojan.Banker) -> No action taken.
c:\WINDOWS\system32\alog.txt (Stolen.data) -> No action taken.
c:\WINDOWS\system32\cmds.txt (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\conf.dat (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\ps1.dat (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\rc.dat (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\networkservice\anwendungsdaten\abpzlw.dat (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\config\systemprofile\anwendungsdaten\abpzlw.dat (Malware.Trace) -> No action taken.
So, and here is the Extras.txt.
OTL Logfile:
OTL Extras logfile created on: 21.12.2010 18:39:06 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\compi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 24,41 Gb Total Space | 3,66 Gb Free Space | 14,99% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 14,52 Gb Free Space | 9,91% Space Free | Partition Type: NTFS
Drive E: | 61,98 Gb Total Space | 41,36 Gb Free Space | 66,72% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive I: | 298,09 Gb Total Space | 27,63 Gb Free Space | 9,27% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: compi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OnlineFotoservice] -- "C:\Programme\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" File not found
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"5739:UDP" = 5739:UDP:*:Enabled:PES
"5740:UDP" = 5740:UDP:*:Enabled:PES
"5730:UDP" = 5730:UDP:*:Enabled:PES
"5731:UDP" = 5731:UDP:*:Enabled:PES
"80:TCP" = 80:TCP:*:Enabled:PES
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\FlashFXP\FlashFXP.exe" = C:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
"I:\FlashFxp\FlashFXP.exe" = I:\FlashFxp\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\DVBViewerTE\ts_winlirc.exe" = C:\Programme\DVBViewerTE\ts_winlirc.exe:*:Enabled:ts_winlirc -- File not found
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe" = C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner -- File not found
"C:\Programme\FlashFXP\FlashFXP.exe" = C:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"D:\Spiele\Pro Evolution Soccer 2008\PES2008.exe" = D:\Spiele\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Programme\PPMate\ppmate.exe" = C:\Programme\PPMate\ppmate.exe:*:Enabled:PPMate -- File not found
"C:\Programme\PPMate\ppmnet.exe" = C:\Programme\PPMate\ppmnet.exe:*:Enabled:PPMate -- File not found
"I:\Tobit ClipInc\Player\ClipInc-Player.exe" = I:\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc. Player -- File not found
"D:\Spiele\Call of Duty 4 - Modern Warfare\iw3mp.exe" = D:\Spiele\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Disabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"D:\Spiele\World in Conflict\wic.exe" = D:\Spiele\World in Conflict\wic.exe:*:Disabled:WORLD IN CONFLICT -- (Massive Entertainment AB)
"D:\Spiele\World in Conflict\wic_ds.exe" = D:\Spiele\World in Conflict\wic_ds.exe:*:Disabled:WORLD IN CONFLICT - Dedizierter Server -- ()
"D:\Spiele\World in Conflict\wic_online.exe" = D:\Spiele\World in Conflict\wic_online.exe:*:Disabled:WORLD IN CONFLICT - Nur Online -- (Massive Entertainment AB)
"D:\Spiele\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe" = D:\Spiele\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4 -- ()
"I:\Tobit ClipInc\Server\ClipInc-Server.exe" = I:\Tobit ClipInc\Server\ClipInc-Server.exe:*:Enabled:ClipInc Server -- File not found
"I:\FlashFxp\FlashFXP.exe" = I:\FlashFxp\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Programme\uusee\UUSeePlayer.exe" = C:\Programme\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer -- File not found
"D:\Spiele\Pro Evolution Soccer 2008\PES2008 evolution.exe" = D:\Spiele\Pro Evolution Soccer 2008\PES2008 evolution.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"D:\Spiele\Pro Evolution Soccer 2008\PES2008\PES2008.exe" = D:\Spiele\Pro Evolution Soccer 2008\PES2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"D:\Spiele\Pro Evolution Soccer 2008\EURO.exe" = D:\Spiele\Pro Evolution Soccer 2008\EURO.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"D:\Spiele\Crysis\Bin32\CrysisDedicatedServer.exe" = D:\Spiele\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"D:\Spiele\PES 2009\pes2009.exe" = D:\Spiele\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found
"D:\Spiele\Crysis\Bin32\Crysis.exe" = D:\Spiele\Crysis\Bin32\Crysis.exe:*:Disabled:Crysis_32 -- (Crytek GmbH)
"D:\Spiele\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Spiele\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Disabled:Grand Theft Auto IV -- (Sony DADC Austria AG)
"D:\Spiele\Kane und Lynch\kaneandlynch.exe" = D:\Spiele\Kane und Lynch\kaneandlynch.exe:*:Disabled:Kane & Lynch: Dead Men -- (Io Interactive A/S)
"D:\Spiele\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" = D:\Spiele\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Disabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"I:\Spiele 2\Pro Evolution Soccer 2009\pes2009.exe" = I:\Spiele 2\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Spiele\GTA IV\Grand Theft Auto IV\GTAIV.exe" = D:\Spiele\GTA IV\Grand Theft Auto IV\GTAIV.exe:*:Disabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"I:\Metin2_Germany\metin2.bin" = I:\Metin2_Germany\metin2.bin:*:Enabled:metin2 -- ()
"D:\RSD_0.59\RSD 0.59\RSD.exe" = D:\RSD_0.59\RSD 0.59\RSD.exe:*:Enabled:RSD.exe -- (by Schneewiesel)
"D:\Spiele\PES 2009 - Die Matrix\pes2009.exe" = D:\Spiele\PES 2009 - Die Matrix\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found
"D:\Spiele\PES 10\pes2010.exe" = D:\Spiele\PES 10\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- File not found
"D:\PES 10\pes2010.exe" = D:\PES 10\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- File not found
"C:\Programme\1&1\1&1 HomeNet-Client\1&1 HomeNet-Client.exe" = C:\Programme\1&1\1&1 HomeNet-Client\1&1 HomeNet-Client.exe:*:Enabled:1&1 HomeNet-Client -- (1&1 Internet AG)
"I:\Tobit Radio.fx\Server\rfx-server.exe" = I:\Tobit Radio.fx\Server\rfx-server.exe:*:Enabled:Radio.fx Server -- ()
"I:\Tobit Radio.fx\Client\rfx-client.exe" = I:\Tobit Radio.fx\Client\rfx-client.exe:*:Enabled:Radio.fx Client -- (Tobit.Software)
"D:\Spiele\PES 10\Fifa World Cup\pes2010.exe" = D:\Spiele\PES 10\Fifa World Cup\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Spiele\FIFA 11 Demo\Game\fifa.exe" = D:\Spiele\FIFA 11 Demo\Game\fifa.exe:*:Disabled:FIFA 11 -- File not found
"D:\Spiele\PES 2011\pes2011.exe" = D:\Spiele\PES 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Programme\SopCast\adv\SopAdver.exe" = C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"D:\Spiele\PES 2011\pesgalaxy.tk Patch 2011\PES2011.exe" = D:\Spiele\PES 2011\pesgalaxy.tk Patch 2011\PES2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Spiele\Fifa 11\Game\fifa.exe" = D:\Spiele\Fifa 11\Game\fifa.exe:*:Disabled:FIFA 11 -- (Electronic Arts)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 13
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BDB8AA5-EDDD-441A-877A-FC6D8664869F}" = 5000 Series
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{410F24C4-ACD8-411B-9F9A-991E0AAE760A}" = Carbide.ui Theme Edition 3.2.1.0
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}" = Nero 8
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{986A654F-F1E4-11DD-9FCA-005056C00008}" = Paragon Partition Manager™ 10.0 Personal
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BFEDA49F-2E91-4B54-A366-F5A198FE1173}" = DVB-PC TV Star
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C920EFB6-59DB-472D-B445-21821477AD17}" = True Crime® New York City
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D032A7F0-8B5C-4603-8B46-235025D5F9C1}" = TechniSat DVB-PC TV Star
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E990C0BD-E3BC-47F1-B124-4F33D81B0BC3}" = Ultima2000 e+
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1F41847-C72D-42EB-B12E-BD107839EBB7}" = Matrix
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F3BD8CF2-4AC5-44DC-BB8D-04FA1E225751}" = soft Xpansion PDF Quick Reader
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"1&1 HomeNet-Client" = 1&1 HomeNet-Client
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ALDI Süd Foto Manager Free D" = ALDI Süd Foto Manager Free
"ALDI Süd Foto Service D" = ALDI Süd Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"ALDI Süd Online Druck Service" = ALDI Süd Online Druck Service 4.6
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"AllDup_is1" = AllDup 2.1.6
"Apollox Realistic Gameplay v1.5.5" = Apollox Realistic Gameplay v1.5.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bundesliga-Patch 2009 v1.70" = Bundesliga-Patch 2009 v1.70
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"ÐÂÀËÖ±²¥" = ÐÂÀËÖ±²¥
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows-Treiberpaket - Nokia Modem (06/01/2009 4.1)
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EURO 2008 Mod 1.00" = EURO 2008 Mod 1.00
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.3)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.30
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"ie8" = Windows Internet Explorer 8
"InstallShield_{3BDB8AA5-EDDD-441A-877A-FC6D8664869F}" = 5000 Series
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"Internet-Radio Player_is1" = Internet-Radio Player Version 2.01.5
"IrfanView" = IrfanView (remove only)
"Just Cause_is1" = Just Cause
"Mafia II_is1" = Mafia II
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Fotos auf CD & DVD 8 Download-Version D" = MAGIX Fotos auf CD & DVD 8 Download-Version 8.0.2.2 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OnlineFotoservice" = OnlineFotoservice
"OpenAL" = OpenAL
"SISWare4.6 Beta" = SISWare4.6 Beta3
"SopCast" = SopCast 3.0.3
"SystemRequirementsLab" = System Requirements Lab
"Tobit Radio.fx Server" = Radio.fx
"TVUPlayer" = TVUPlayer 2.4.1.0
"UltraISO_is1" = UltraISO Premium V9.35
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"USB Scanner" = USB Scanner
"Veetle TV" = Veetle TV 0.9.18
"Vision-Patch 2009 Chants_is1" = Vision-Patch 2009 v2.0 Chants
"VLC media player" = VLC media player 0.9.2
"vShare" = vShare Plugin
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = Gimp 2.6.1
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xilisoft DVD Ripper Ultimate 5" = Xilisoft DVD Ripper Ultimate
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ShoreLooser´s Gameplay Pro Series X" = ShoreLooser´s Gameplay Pro Series X
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.12.2010 14:24:22 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul explorer.exe, Version 6.0.2900.5512, Fehleradresse 0x0000258a.
Error - 21.12.2010 03:16:45 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul explorer.exe, Version 6.0.2900.5512, Fehleradresse 0x0000258a.
[ System Events ]
Error - 14.11.2010 07:24:49 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 14.11.2010 11:45:52 | Computer Name = PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Radio.fx
Server.
Error - 14.11.2010 11:45:52 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Radio.fx Server" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 14.11.2010 12:34:33 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 20.11.2010 06:30:43 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 20.11.2010 06:33:49 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 20.11.2010 06:36:29 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 21.11.2010 13:09:55 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 29.11.2010 08:19:21 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Radio.fx Server" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 03.12.2010 12:51:07 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
< End of report >
So, and here is the OTL.txt.
OTL Logfile:
OTL logfile created on: 21.12.2010 18:39:06 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\compi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 24,41 Gb Total Space | 3,66 Gb Free Space | 14,99% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 14,52 Gb Free Space | 9,91% Space Free | Partition Type: NTFS
Drive E: | 61,98 Gb Total Space | 41,36 Gb Free Space | 66,72% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive I: | 298,09 Gb Total Space | 27,63 Gb Free Space | 9,27% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: compi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Dokumente und Einstellungen\compi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - I:\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - I:\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Programme\Join Air\AssistantServices.exe ()
PRC - C:\Programme\Join Air\UIExec.exe ()
PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Internetradio Player\ps_agent.exe (phonostar)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Programme\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Steuererklaerung\AAVUpdateManager\aavus.exe ()
PRC - C:\WINDOWS\system32\regsvr32.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd)
PRC - C:\Programme\Nero 8\Nero BackItUp\NBService.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\WINDOWS\twain_32\FlatBed\HotKey.Exe (Pmx. Electronics Ltd.)
PRC - C:\WINDOWS\MXOaldr.exe (Cypress Semiconductor)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\compi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - I:\Tobit Radio.fx\Client\rfx-helper.dll (Tobit.Software)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Radio.fx) -- I:\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (UI Assistant Service) -- C:\Programme\Join Air\AssistantServices.exe ()
SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (AAV UpdateService) -- C:\Programme\Steuererklaerung\AAVUpdateManager\aavus.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (Nero BackItUp Scheduler 3) -- C:\Programme\Nero 8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (zlportio) -- I:\UltraStar 1.0\zlportio.sys File not found
DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (SetupNTGLM7X) -- F:\NTGLM7X.sys File not found
DRV - (NTACCESS) -- F:\NTACCESS.sys File not found
DRV - (GMSIPCI) -- F:\INSTALL\GMSIPCI.SYS File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (pwdrvio) -- C:\WINDOWS\system32\pwdrvio.sys ()
DRV - (pwdspio) -- C:\WINDOWS\system32\pwdspio.sys ()
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hotcore3) -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys (Paragon Software Group)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ISODrive) -- C:\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (SKYNET) -- C:\WINDOWS\system32\drivers\SkyNET.sys (B2C2, Inc.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (EPUSBSTOR) -- C:\WINDOWS\system32\drivers\epusbsto.sys (SEIKO EPSON CORPORATION)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
DRV - (STIrUsb) -- C:\WINDOWS\system32\drivers\irstusb.sys (SigmaTel, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}:1.0
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.09.23 22:30:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.05.19 17:43:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\WINDOWS\system32\5008 [2010.12.21 08:29:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.21 11:55:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.21 11:55:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.05.19 17:43:47 | 000,000,000 | ---D | M]
[2008.08.29 18:20:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Mozilla\Extensions
[2010.12.21 08:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Mozilla\Firefox\Profiles\t1jtqkza.default\extensions
[2010.04.29 19:54:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Mozilla\Firefox\Profiles\t1jtqkza.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.09 22:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Mozilla\Firefox\Profiles\t1jtqkza.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.12.20 17:46:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Mozilla\Firefox\Profiles\t1jtqkza.default\extensions\firefox@tvunetworks.com
[2010.12.21 08:40:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.09.27 20:47:11 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.27 20:47:11 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.27 20:47:11 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.27 20:47:11 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.27 20:47:11 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.04.06 16:47:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Flash Module) - {669CFA6D-450B-4d88-A9D7-D2371E845370} - File not found
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - I:\FlashFxp\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HotKey] C:\WINDOWS\twain_32\FlatBed\HotKey.Exe (Pmx. Electronics Ltd.)
O4 - HKLM..\Run: [MXO Auto Loader] C:\WINDOWS\MXOaldr.exe (Cypress Semiconductor)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKLM..\Run: [UIExec] C:\Programme\Join Air\UIExec.exe ()
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe File not found
O4 - HKCU..\Run: [1und1Agent] C:\Programme\Internetradio Player\ps_agent.exe (phonostar)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [rfxsrvtray] I:\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Radio.fx.LNK = I:\Tobit Radio.fx\Client\rfx-client.exe (Tobit.Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\compi\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} hxxp://uc.sina.com.cn/download/live/weblive2.4.0.0.cab (ULiveCtrl Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.pe.studivz.net/photouploader/ImageUploader4.cab?nocache=1202753735 (Image Uploader Control)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab (Navigram Control)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {98474E4F-5229-4CAC-9E28-6D52D992268D} hxxp://kpscdhaendler.ar-live.de/afc-frontend/main/Setup_AFC_ONLINE_2_7_0_3_STANDARD.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Programme\kUZGTcxF\ipbdbthb.exeC:\WINDOWS\system32\appconf32.exe) - C:\Programme\kUZGTcxF\ipbdbthb.exeC File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.09.25 20:49:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c26674c9-e4d7-11df-81ce-00d0d71430d9}\Shell - "" = AutoRun
O33 - MountPoints2\{c26674c9-e4d7-11df-81ce-00d0d71430d9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c26674c9-e4d7-11df-81ce-00d0d71430d9}\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.21 11:59:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Malwarebytes
[2010.12.21 11:59:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.21 11:59:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.21 11:59:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.21 11:59:29 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.21 08:30:36 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\compi\Desktop\OTL.exe
[2010.12.21 08:29:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\5008
[2010.12.21 08:29:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2010.12.21 08:29:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cock
[2010.12.21 08:22:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\compi\Recent
[2010.12.20 19:29:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\Avira
[2010.12.20 18:51:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.20 18:50:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.12.09 22:34:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.12.09 22:05:33 | 000,000,000 | ---D | C] -- C:\Programme\Safari
[2010.12.09 21:57:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Apple
[2010.12.09 20:07:01 | 000,000,000 | ---D | C] -- C:\Programme\windows
[2010.12.09 13:06:36 | 000,000,000 | ---D | C] -- C:\Programme\tmp
[2010.12.08 20:44:33 | 000,000,000 | ---D | C] -- C:\Programme\win
[2010.12.07 21:32:26 | 000,000,000 | ---D | C] -- C:\Programme\CD to mp3
[2010.12.04 11:14:59 | 000,000,000 | ---D | C] -- C:\Programme\kUZGTcxF
[2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010.11.22 20:49:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\compi\Eigene Dateien\Steuerfälle
[2010.11.22 20:49:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\compi\Lokale Einstellungen\Anwendungsdaten\AAV
[2010.11.22 20:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Steuererklaerung
[2010.11.22 20:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2009.11.13 16:45:23 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpeE.dll
[2009.09.23 21:44:54 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe2E.dll
[2008.12.23 14:03:57 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ArtecGT.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.21 11:59:33 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.21 11:54:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.21 11:54:46 | 000,000,053 | ---- | M] () -- C:\biosinfo
[2010.12.21 11:54:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.21 08:30:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\compi\Desktop\OTL.exe
[2010.12.21 08:29:47 | 000,216,400 | ---- | M] () -- C:\WINDOWS\System32\AcroIEHelpe.dll
[2010.12.21 08:29:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.21 03:16:47 | 000,312,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.20 23:31:38 | 000,003,584 | ---- | M] () -- C:\WINDOWS\System32\kb.dll
[2010.12.20 18:50:54 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.20 18:50:54 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.12.09 22:34:26 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\compi\Desktop\DVDVideoSoft Free Studio.lnk
[2010.12.09 22:34:16 | 000,000,886 | ---- | M] () -- C:\Dokumente und Einstellungen\compi\Desktop\Free YouTube to MP3 Converter.lnk
[2010.12.09 22:05:39 | 000,001,846 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk
[2010.12.09 22:04:54 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.12.09 21:57:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.07 22:20:00 | 000,062,328 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.12.07 13:40:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.01 20:10:55 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\avdrn.dat
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010.11.22 22:59:56 | 000,015,360 | ---- | M] () -- C:\Dokumente und Einstellungen\compi\Eigene Dateien\Steuern 2009.xls
[2010.11.22 20:37:47 | 000,001,859 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar-Erklärung 2010.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.21 11:59:33 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.21 08:29:47 | 000,216,400 | ---- | C] () -- C:\WINDOWS\System32\AcroIEHelpe.dll
[2010.12.09 22:34:16 | 000,000,886 | ---- | C] () -- C:\Dokumente und Einstellungen\compi\Desktop\Free YouTube to MP3 Converter.lnk
[2010.12.09 22:05:39 | 000,001,846 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk
[2010.12.09 22:04:54 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.12.07 22:20:00 | 000,062,328 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.12.02 07:52:34 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\abpzlw.dat
[2010.12.01 20:10:55 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\avdrn.dat
[2010.11.22 22:59:56 | 000,015,360 | ---- | C] () -- C:\Dokumente und Einstellungen\compi\Eigene Dateien\Steuern 2009.xls
[2010.11.22 20:30:08 | 000,001,859 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar-Erklärung 2010.lnk
[2010.08.04 19:07:33 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.08.04 19:07:32 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2009.05.03 11:46:53 | 000,057,400 | ---- | C] () -- C:\WINDOWS\System32\trs.dll
[2009.05.03 11:46:52 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\OptCVw7.dll
[2009.05.03 11:46:52 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\OptCVa6.dll
[2009.05.03 11:46:52 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\OptCVm6.dll
[2009.05.03 11:46:52 | 000,114,749 | ---- | C] () -- C:\WINDOWS\System32\cxts001.dll
[2009.01.04 13:51:03 | 000,000,040 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2008.12.23 14:03:58 | 000,011,464 | ---- | C] () -- C:\WINDOWS\Dusb3ar.ini
[2008.12.23 14:03:58 | 000,002,654 | ---- | C] () -- C:\WINDOWS\Ausba3.INI
[2008.12.23 14:03:58 | 000,000,860 | ---- | C] () -- C:\WINDOWS\ScnPanel.ini
[2008.12.23 14:03:57 | 000,200,704 | ---- | C] () -- C:\WINDOWS\Ausba3.dll
[2008.12.23 14:03:55 | 000,001,656 | ---- | C] () -- C:\WINDOWS\ArtecePlus.ini
[2008.12.19 11:25:07 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.10.31 23:46:07 | 000,372,483 | ---- | C] () -- C:\Dokumente und Einstellungen\compi\Anwendungsdaten\mdbu.bin
[2008.10.31 21:20:59 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008.10.31 21:20:51 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.12 20:44:24 | 000,000,130 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2008.08.02 05:20:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.07.26 13:33:52 | 000,004,929 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.06.29 19:48:48 | 000,311,128 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2008.06.29 19:48:46 | 001,526,468 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.06.05 21:31:33 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2008.04.06 15:45:09 | 000,000,382 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2008.03.04 17:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008.02.19 22:10:17 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\peer.ini
[2008.01.23 19:02:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.01.19 14:14:54 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.01.19 14:14:54 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2007.12.24 23:19:20 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.11.11 19:53:40 | 000,000,297 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.10.19 19:41:55 | 000,554,496 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2007.09.28 16:20:11 | 000,436,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.09.27 20:09:12 | 000,097,792 | ---- | C] () -- C:\Dokumente und Einstellungen\compi\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.27 18:19:51 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.09.25 21:41:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.09.25 21:19:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2007.09.25 21:07:06 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2007.09.25 21:07:04 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2007.09.25 21:07:04 | 000,253,952 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2007.09.25 21:07:04 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2007.09.25 21:07:04 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2007.09.25 21:07:03 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2007.09.25 20:59:56 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.05.17 12:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2004.08.03 23:57:38 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\kb.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000.08.29 14:40:10 | 000,006,137 | ---- | C] () -- C:\WINDOWS\System32\E1.ini
[1999.09.20 09:05:32 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:BDC3F18A5693AD4E
@Alternate Data Stream - 141 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:319E7F0B
@Alternate Data Stream - 117 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C8B8CEBD
< End of report >
--- --- ---

Thanks a lot in advance!