| michhatserw | 22.12.2010 18:40 |
Hallo rea,
ich habe den Malwarebytes-Scan durchgeführt und die Löschung vorgenommen.
Zusätzlich habe ich anschließend den OTL-Scan gemacht.
Hier sind die Ergebnisse:
Malwarebytes-Scan Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5376
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22.12.2010 17:56:29
mbam-log-2010-12-22 (17-56-29).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|U:\|)
Durchsuchte Objekte: 387815
Laufzeit: 2 Stunde(n), 11 Minute(n), 38 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0140DF95-9128-4053-AE72-F43F0CFCA062} (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
c:\malacuxatx.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.
Infizierte Dateien:
c:\malacuxatx.exe\malacuxatx.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{35a9c472-2e95-4062-8c9a-05d1f03d2b4c}\RP397\A0104769.exe (Rogue.SecurityCentral) -> Quarantined and deleted successfully.
c:\malacuxatx.exe\config.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.
OTL Extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 22.12.2010 18:10:07 - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\Matthias\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 513,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 77,52 Gb Free Space | 52,01% Space Free | Partition Type: NTFS
Drive H: | 5,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 541,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive U: | 465,76 Gb Total Space | 25,98 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Computer Name: NUMMER1 | User Name: Matthias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Programme\ACD Systems\ACDSee\6.0\ACDSee6.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe" = C:\Programme\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs -- (Blue Byte GmbH)
"C:\Programme\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe" = C:\Programme\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\extra1\bin\Settlers6.exe:*:Enabled:DIE SIEDLER - Aufstieg eines Königreichs - Reich des Ostens -- (Blue Byte GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02C47AB7-0EFA-4804-BCFC-63DD27698B89}" = Stunt GP Demo
"{089B1349-BA53-43B1-A2C9-DBF9A7F8FD30}" = MOTORRAD Tourenplaner 2008/2009
"{1D2D4B49-1822-47DA-8D52-F144661FB650}" = ServicePack 2 MOTORRAD Tourenplaner 2008/2009
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}_is1" = Deinstallation der Arcor Online Software
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}}_is1" = Deinstallation der Arcor Online Software
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43ABB87C-618B-4DC2-B44A-903365EF5DD0}" = Race Driver
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}" = Worms 4 Mayhem
"{4EB03485-2894-4640-A0F1-A100256859B8}" = Green Line NEW E2 Band 1 Sprachtrainer Kommunikation
"{544FB392-069D-4BA5-9DC7-FFD47230AEE5}" = Photohands 1.0G
"{5AB1BFD2-819E-11D3-80D9-00C04F559BE6}" = TextBridge Pro Millennium
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{626B7EA2-B7C2-4277-AE30-A8B452A92B6C}" = Phonetik
"{70B45586-B51E-4947-A258-A895596C5CED}" = Photo Loader 2.3G
"{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{7CFC17CE-0A66-46B0-BA57-BF8AB674BF5C}" = Loewenzahn 6
"{8920EF0D-633E-46D1-9561-90E713E3145A}" = AutoBackup
"{89E7A6D8-2AC6-4C22-951E-9C7B31900A52}" = Architektur Designer 2003
"{8E4CF4E6-062E-11D8-BCF1-005004748D87}" = 3114 SATARAID5
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A460B835-CF65-4753-A506-227A6E12C0E3}" = ACDSee 6.0 Standard
"{A8808DE0-7441-4873-8711-A7E65DBD693C}" = Tux Racer Demo
"{A9CCF5C3-4E30-42E6-992F-3D257B01E292}" = Loewenzahn 3
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{AE9E39ED-A41A-40D4-B4CD-858A6E41D881}" = Loewenzahn 4
"{B2548EBD-F025-4B49-BBCF-DCA862F94500}" = Brother HL-2150N
"{BB394D95-C049-4EA4-00B3-F866A3357CCD}" = F1 2002 WORK IN PROGRESS DEMO
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}" = Total Immersion Racing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte)
"{D581AD66-BF22-45AF-B7A4-4FE7E85B18CB}" = MOTORRAD Tourenplaner 2007/2008
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.11
"{DE470016-1C64-11D5-982A-0050DA602C65}" = Löwenzahn 5
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F396B654-D467-41A2-B154-D2146ADA85E7}" = logo! TV-Maker
"{F5A83924-6A0A-40A2-9A9C-00D876B62E7F}" = FreeAgent Pro Tools
"{F68A7F48-9F26-4FB1-A7C2-DF3C0F2D849C}" = Crazy Taxi
"{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"3Dfx InteractiveDeinstKey" = 3Dfx Interactive
"7-Zip" = 7-Zip 3.13
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"AnyDVD" = AnyDVD
"Arasan_is1" = Arasan 10.0
"Ashampoo UnInstaller Suite" = Ashampoo UnInstaller Suite
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Clonk Endeavour" = Clonk Endeavour 4.95.5
"Clonk Planet" = Clonk Planet
"Clonk Rage" = Clonk Rage
"Diercke Globus" = Diercke Globus
"Erde" = Erde
"F1 Pro DEMO" = F1 Pro DEMO
"Familien-Internet" = Familien-Internet
"Formel1Planer" = Formel1Planer
"Golden Wipf Edition 4" = Golden Wipf Edition 4 (remove only)
"Großer Reiseplaner" = Großer Reiseplaner
"HeliBob XL" = HeliBob XL
"Hot Wheels Gold" = Hot Wheels Gold
"hp officejet g series 1113308269" = hp officejet g series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{43ABB87C-618B-4DC2-B44A-903365EF5DD0}" = Race Driver
"InstallShield_{A8808DE0-7441-4873-8711-A7E65DBD693C}" = Tux Racer Demo
"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"InstallShield_{F5A83924-6A0A-40A2-9A9C-00D876B62E7F}" = FreeAgent Pro Tools
"InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"Kosmos" = Kosmos
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mensch" = Mensch
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.0.3)" = Mozilla Thunderbird (3.0.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroMultiInstaller!UninstallKey" = Nero Suite
"New LEGO Digital Designer" = LEGO Digital Designer
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PDFCreator Toolbar" = PDFCreator Toolbar
"phase5" = phase5
"QuickTime" = QuickTime
"ROBOProFischertechnik" = ROBOPro (fischertechnik) Programm
"S4Uninst" = Die Siedler IV
"Ski-Doo X-Team Racing NUTELLA" = Ski-Doo X-Team Racing NUTELLA
"Technik" = Technik
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm Anti-virus" = ZoneAlarm Anti-virus
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{8920EF0D-633E-46D1-9561-90E713E3145A}" = AutoBackup
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.07.2008 08:30:43 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung racingnutella.exe, Version 1.0.0.1, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x00001010.
Error - 16.08.2008 14:03:05 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung devdetect.exe, Version 2.0.1.6, fehlgeschlagenes
Modul mfc70.dll, Version 7.0.9466.0, Fehleradresse 0x0000f442.
Error - 21.08.2008 15:31:12 | Computer Name = EC7E0840EDD6437 | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 80070005 von Zeile 44 von d:\comxp_sp2\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 30.09.2008 10:29:59 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung f1_2002_demo.exe, Version 0.5.1.8, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.5512, Fehleradresse 0x0000100b.
Error - 06.10.2008 04:37:19 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung f1_2002_demo.exe, Version 0.5.1.8, fehlgeschlagenes
Modul f1_2002_demo.exe, Version 0.5.1.8, Fehleradresse 0x00118175.
Error - 29.03.2009 09:16:38 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung age2_x1.exe, Version 0.7.26.809, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 29.03.2009 10:05:10 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung age2_x1.exe, Version 0.7.26.809, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x7a74616c.
Error - 16.04.2009 04:48:04 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung age2_x1.exe, Version 0.7.26.809, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x73696542.
Error - 21.04.2009 12:16:11 | Computer Name = EC7E0840EDD6437 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung empiresx.exe, Version 0.1.6.1115, fehlgeschlagenes
Modul empiresx.exe, Version 0.1.6.1115, Fehleradresse 0x00120c7d.
Error - 15.11.2009 11:57:07 | Computer Name = NUMMER1 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung freeagent.exe, Version 1.0.1.14, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x01590480.
[ System Events ]
Error - 22.12.2010 08:30:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:44 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:44 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:44 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 08:30:44 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 22.12.2010 13:01:43 | Computer Name = NUMMER1 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
atapi PCIIde Si3114r5
< End of report >
--- --- ---
[/Code]
OTL Logfile: Code:
OTL logfile created on: 22.12.2010 18:10:07 - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\Matthias\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 513,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 77,52 Gb Free Space | 52,01% Space Free | Partition Type: NTFS
Drive H: | 5,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 541,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive U: | 465,76 Gb Total Space | 25,98 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Computer Name: NUMMER1 | User Name: Matthias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.22 18:09:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matthias\Desktop\OTL.exe
PRC - [2010.12.22 18:05:14 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2009.06.11 10:17:38 | 003,618,104 | ---- | M] (brother) -- C:\Programme\Brownie\BrStsWnd.exe
PRC - [2009.04.16 12:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Programme\Samsung\EmoDio\SMSTray.exe
PRC - [2008.10.20 14:01:28 | 000,222,512 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brownie\BRNIPMON.exe
PRC - [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.14 10:48:30 | 001,144,032 | ---- | M] (Memeo Inc.) -- C:\Programme\Seagate\AutoBackup\MemeoBackup.exe
PRC - [2007.01.18 12:20:26 | 000,190,008 | ---- | M] (Seagate LLC) -- C:\Programme\Seagate\SystemTray\StxMenuMgr.exe
PRC - [2006.03.16 10:34:00 | 000,755,480 | ---- | M] (Zone Labs, LLC) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2006.03.16 10:33:12 | 001,693,464 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2005.06.23 15:57:12 | 000,188,416 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\system32\ZoneLabs\isafe.exe
PRC - [2004.12.03 07:28:00 | 000,217,088 | ---- | M] (CASIO COMPUTER CO.,LTD.) -- C:\Programme\CASIO\Photo Loader\Plauto.exe
PRC - [2004.12.01 08:54:22 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004.06.29 03:47:28 | 000,114,688 | ---- | M] (InterVideo Inc.) -- C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2003.05.29 08:51:28 | 000,598,016 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Programme\Ashampoo\Ashampoo UnInstaller Suite\UIWatcher.exe
PRC - [2000.03.16 14:08:34 | 000,049,152 | ---- | M] (Scansoft, Inc.) -- C:\Programme\TextBridge Pro Millennium\Bin\InstantAccess.exe
========== Modules (SafeList) ==========
MOD - [2010.12.22 18:09:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matthias\Desktop\OTL.exe
MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2006.03.16 10:33:12 | 001,693,464 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2005.06.23 15:57:12 | 000,188,416 | ---- | M] (Computer Associates International, Inc.) [On_Demand | Running] -- C:\WINDOWS\system32\ZoneLabs\isafe.exe -- (CAISafe)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010.03.12 11:07:44 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.09 19:58:18 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.08.01 14:27:35 | 000,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.07.21 13:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008.04.13 23:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (fwrnusb)
DRV - [2007.10.18 19:57:09 | 000,896,472 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetmonnt.sys -- (VETMONNT)
DRV - [2007.10.18 19:57:09 | 000,114,856 | ---- | M] (Computer Associates International, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vetfddnt.sys -- (VETFDDNT)
DRV - [2007.02.16 01:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006.12.26 13:54:35 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006.06.04 20:09:43 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006.03.16 10:33:00 | 000,372,824 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005.12.10 03:06:00 | 003,536,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.05.13 17:53:24 | 000,021,605 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-filt.sys -- (VET-FILT)
DRV - [2005.05.13 17:53:24 | 000,015,668 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vet-rec.sys -- (VET-REC)
DRV - [2005.04.09 20:28:51 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004.12.07 09:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004.12.01 13:40:08 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.11.24 10:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.24 10:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.21 04:39:44 | 000,035,840 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.07.21 11:02:00 | 000,166,400 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\Si3114r5.sys -- (Si3114r5)
DRV - [2004.06.24 07:38:42 | 000,191,360 | R--- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\M2500.sys -- (M2500)
DRV - [2004.06.16 00:14:00 | 000,180,480 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.04.30 08:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a19346b.sys -- (a19346b)
DRV - [2004.04.30 08:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a19346c.sys -- (a19346c)
DRV - [2003.10.15 10:28:00 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [1997.10.08 02:04:06 | 000,006,816 | ---- | M] (3Dfx Interactive, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MAPMEM.SYS -- (MapMem)
DRV - [1997.10.08 02:04:06 | 000,006,336 | ---- | M] (3Dfx Interactive, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\NTREMAP.SYS -- (NTRemap)
DRV - [1997.10.08 02:04:06 | 000,004,832 | ---- | M] (3Dfx Interactive, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\genport.sys -- (GenPort)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.tolldrio.de/start/"
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: support@pdfcreator-toolbar.org:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.22 18:05:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.22 18:05:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.03.06 23:05:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2010.01.17 13:20:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Extensions
[2010.01.17 13:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.20 22:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Firefox\Profiles\he3cd1ow.default\extensions
[2010.09.17 21:30:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Firefox\Profiles\he3cd1ow.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.20 21:19:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Firefox\Profiles\he3cd1ow.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.11.21 12:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Mozilla\Firefox\Profiles\he3cd1ow.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.12.20 22:11:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.17 13:11:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.10.28 22:20:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.28 22:20:00 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.28 22:20:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.28 22:20:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.28 22:20:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2002.12.31 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Arcor Online] File not found
O4 - HKLM..\Run: [BrStsWnd] C:\Programme\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe File not found
O4 - HKLM..\Run: [InstantAccess] C:\Programme\TextBridge Pro Millennium\Bin\InstantAccess.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StxTrayMenu] C:\Programme\Seagate\SystemTray\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [user.exe] C:\Programme\Familien-Internet\Zeiten\user.exe ()
O4 - HKLM..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [Arcor Online] File not found
O4 - HKCU..\Run: [UIWatcher] C:\Programme\Ashampoo\Ashampoo UnInstaller Suite\UIWatcher.exe (ashampoo GmbH & Co. KG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Antivirus-Profi-Paket.lnk = C:\Programme\Antivirus-Profi-Paket\avk.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Photo Loader resident.lnk = C:\Programme\CASIO\Photo Loader\Plauto.exe (CASIO COMPUTER CO.,LTD.)
O4 - Startup: C:\Dokumente und Einstellungen\Matthias\Startmenü\Programme\Autostart\AutoBackup Launcher.lnk = C:\Programme\Seagate\AutoBackup\MemeoLauncher.exe (Memeo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\ZoneLabs\vetredir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\ZoneLabs\vetredir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\ZoneLabs\vetredir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\ZoneLabs\vetredir.dll (Computer Associates International, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_04)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Matthias\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Matthias\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.03.02 13:48:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.10.13 13:50:51 | 003,834,762 | R--- | M] (Macromedia, Inc.) - H:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.10.17 16:24:41 | 000,000,041 | RH-- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003.04.07 10:30:18 | 000,000,050 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006.11.30 06:45:30 | 000,000,132 | ---- | M] () - U:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{edd7ecc1-8b17-11d9-980a-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{edd7ecc1-8b17-11d9-980a-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{edd7ecc1-8b17-11d9-980a-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe -- [2006.10.13 13:50:51 | 003,834,762 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\U\Shell\AutoRun\command - "" = U:\Install FreeAgent Tools.exe -- [2007.02.09 02:29:48 | 146,041,088 | ---- | M] (Seagate )
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.22 18:09:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matthias\Desktop\OTL.exe
[2010.12.21 16:03:09 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.12.20 22:17:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Malwarebytes
[2010.12.20 22:17:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 22:17:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.20 22:17:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.20 22:17:08 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.15 16:17:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.15 16:15:21 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2005.05.19 20:08:55 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a19346b.sys
[2005.05.19 20:08:55 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a19346c.sys
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.22 18:09:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matthias\Desktop\OTL.exe
[2010.12.22 18:03:25 | 000,000,083 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.12.22 18:03:13 | 000,000,365 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2010.12.22 18:02:31 | 000,043,518 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.12.22 18:02:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.22 18:01:49 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.12.22 18:01:47 | 000,042,715 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.12.22 18:01:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.22 13:38:11 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\sversion.ini
[2010.12.22 13:31:28 | 000,000,015 | ---- | M] () -- C:\WINDOWS\WDZ3.ini
[2010.12.22 12:50:29 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.21 22:21:56 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010.12.21 16:03:10 | 000,001,990 | ---- | M] () -- C:\Dokumente und Einstellungen\Matthias\Desktop\HiJackThis.lnk
[2010.12.20 21:06:29 | 000,459,500 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.12.20 21:06:29 | 000,441,568 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.20 21:06:29 | 000,084,644 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.12.20 21:06:29 | 000,071,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.19 22:09:08 | 000,035,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Matthias\Desktop\defender.odt
[2010.12.15 19:29:33 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.15 17:54:56 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.21 16:03:10 | 000,001,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Matthias\Desktop\HiJackThis.lnk
[2010.12.20 22:17:35 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.19 22:09:07 | 000,035,691 | ---- | C] () -- C:\Dokumente und Einstellungen\Matthias\Desktop\defender.odt
[2010.11.12 21:46:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010.11.12 21:46:53 | 000,000,142 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010.11.12 21:46:50 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.11.12 21:46:49 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2010.11.12 21:46:48 | 000,009,868 | ---- | C] () -- C:\WINDOWS\HL-2150N.INI
[2010.11.12 21:28:31 | 000,000,365 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2010.10.20 12:08:26 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2010.03.09 19:58:18 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.03.09 19:58:18 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.02.14 19:16:37 | 000,000,175 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009.04.24 22:26:33 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2009.04.19 13:39:14 | 000,000,046 | ---- | C] () -- C:\WINDOWS\hmview.ini
[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2009.03.15 22:02:08 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.01.10 21:11:46 | 000,000,083 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2008.01.30 19:55:51 | 000,000,160 | ---- | C] () -- C:\WINDOWS\G403ko_K.INI
[2008.01.30 19:53:32 | 000,000,162 | ---- | C] () -- C:\WINDOWS\G403te_K.INI
[2008.01.30 19:50:06 | 000,000,177 | ---- | C] () -- C:\WINDOWS\G403me_K.INI
[2008.01.30 19:42:31 | 000,000,173 | ---- | C] () -- C:\WINDOWS\G403er_K.INI
[2008.01.30 19:42:09 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[2008.01.30 19:42:09 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\IC32.INI
[2007.07.17 21:34:47 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Matthias\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.09.10 11:28:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\wdz4.ini
[2006.09.07 20:06:39 | 000,021,605 | ---- | C] () -- C:\WINDOWS\System32\drivers\vet-filt.sys
[2006.09.07 20:06:39 | 000,015,668 | ---- | C] () -- C:\WINDOWS\System32\drivers\vet-rec.sys
[2006.09.07 20:06:39 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\vetntmsg.dll
[2006.06.02 19:20:41 | 000,000,136 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.02 19:18:35 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2006.03.14 21:11:18 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2006.03.14 21:11:18 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2006.03.05 13:32:11 | 000,000,015 | ---- | C] () -- C:\WINDOWS\WDZ3.ini
[2005.12.10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.12.10 03:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.10.31 21:12:34 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Matthias\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.07.24 20:41:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\distlib.ini
[2005.04.12 13:18:02 | 000,002,704 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2005.04.12 08:23:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\sversion.ini
[2005.04.11 14:15:52 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005.04.11 14:15:52 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005.04.11 14:15:52 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005.04.11 14:15:52 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005.04.11 14:15:52 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005.04.11 14:15:52 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005.04.11 09:01:25 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI
[2005.04.10 13:12:00 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005.04.10 13:12:00 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005.04.10 13:12:00 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005.04.10 13:01:11 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2005.04.10 10:44:02 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005.04.10 10:44:02 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005.04.09 20:55:16 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.09 20:28:52 | 000,047,226 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys
[2005.03.02 14:30:07 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.03.02 14:24:21 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2005.03.02 13:39:10 | 000,004,325 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.09.30 06:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2004.09.30 06:35:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2004.09.30 06:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2004.09.30 06:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2004.09.30 06:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.02.12 19:21:20 | 000,007,698 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2002.11.20 17:51:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002.03.20 20:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 20:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 20:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 20:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 20:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
========== LOP Check ==========
[2006.06.04 20:09:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems
[2006.07.28 20:53:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ArchDesigner
[2008.07.26 19:58:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009.10.10 12:10:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HBZ
[2010.07.02 21:01:36 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Seagate
[2008.04.04 16:02:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2007.07.17 21:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tanagra
[2006.03.05 13:17:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2010.02.14 19:15:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TextBridge
[2006.06.04 20:13:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\ACD Systems
[2005.04.10 10:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\AdsCleaner
[2010.10.28 21:26:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Canon
[2005.04.09 19:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\CDZilla
[2009.04.24 22:11:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\DataCast
[2010.11.08 21:52:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\gtk-2.0
[2005.04.11 14:18:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\InterVideo
[2008.05.25 00:06:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\map&guide
[2009.03.23 21:04:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\OpenOffice.org
[2010.08.23 19:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\PTV AG
[2010.01.17 13:20:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matthias\Anwendungsdaten\Thunderbird
========== Purity Check ==========
< End of report >
--- --- ---
[/Code]
Die OTL-Scan liefen nur für aktuellen Nutzer, hätte ich alle Nutzer einbeziehen sollen?
Ich werde es auf jeden Fall noch einmal für alle Nutzer machen und wenn nötig posten.
Ich hoffe die Infos reichen ersteinmal für für deine weiteren Untersuchungen.
Danke und viele Grüße
Matthias |
