| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ist Trojaner Trojan.Agent jemals aktiv geworden?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.09.2010, 14:48
| #1 |
 |  Ist Trojaner Trojan.Agent jemals aktiv geworden? Hallo, erstmals im Board habe ich nun eine Frage: Wie kann ich feststellen, ob der Trojaner Trojan.Agent jemals aktiv geworden ist, oder die verdächtige Datei nur dumm rum gelegen hat? Die von Malwarebytes gefundene Datei befindet sich nämlich auch schon auf einem Backup, welches ich vor ca. 1 Jahr mal angefertigt habe, und habe bisher keine Ausspähungen bemerken können. Hab schon einiges rumgegoogelt, konnte mir aber noch keine wirkliche Meinung bilden, ob nun mit dem Löschen der Datei schon alles getan ist. Mir ist auch nicht so ganz klar, welche Art von Tätigkeit denn von dem Trojan.Agent so zu erwarten ist. Wenn ich richtig verstanden habe, soll das ja eine Java-Malware sein, die ohne laufendes Java ja dann harmlos sein müßte. Die gleiche Frage auch wegen des Worm.Autorun.B. Der war übrigens weg, nachdem ich Avast installiert hatte, und im Sicherheitscenter die AntiVirus-Überwachung wieder eingestellt hatte. Da hatte meine bis dato installierte und upgedatete Version von NortonAV prof. 2004 wohl reingefunkt. Drauf gekommen bin ich, weil ein bestimmter Browser-Plugin-Test Zicken macht. Im Firefox-Forum gab es widersprüchliche Meinungen, ob das beobachtete Phänomen (2 plugin-container.exe Instanzen) auf aktive Malware hindeutet. Malwarebytes log: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4629
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
16.09.2010 18:58:14
mbam-log-2010-09-16 (18-58-14).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 159142
Laufzeit: 18 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\RECYCLER\S-1-5-21-999901472-3601035388-3065584919-1005\Dc12892\HELP.exe (Worm.Autorun.B) -> No action taken.
C:\Dokumente und Einstellungen\***\Cookies\MM2048.DAT (Trojan.Agent) -> No action taken.
C:\Dokumente und Einstellungen\***\Cookies\MM256.DAT (Trojan.Agent) -> No action taken.
Geändert von Herzmann (27.09.2010 um 14:53 Uhr) Grund: Links eingefügt |
|
28.09.2010, 13:38
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Ist Trojaner Trojan.Agent jemals aktiv geworden? Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
28.09.2010, 16:00
| #3 |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden?Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4666
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
22.09.2010 01:46:39
mbam-log-2010-09-22 (01-46-39).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 724995
Laufzeit: 1 Stunde(n), 42 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter OTL logfile created on: 28.09.2010 16:39:54 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): C:\pagefile.sys 1024 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 59,53 Gb Total Space | 5,43 Gb Free Space | 9,12% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 46,18 Gb Total Space | 0,08 Gb Free Space | 0,18% Space Free | Partition Type: FAT32 Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32 Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32 Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: MOBI Current User Name: *** NOT logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging) PRC - C:\Programme\Mozilla\Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe () PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) PRC - C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe () PRC - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe (AVM Berlin) PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin) PRC - C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Programme\Logitech\QuickCam10\QuickCam10.exe () PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe (Logitech Inc.) PRC - C:\Programme\Gemeinsame Dateien\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.) PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\LVComSX.exe (Logitech Inc.) PRC - C:\WINDOWS\tsnp2std.exe (SONIX) PRC - C:\WINDOWS\vsnp2std.exe (Sonix) PRC - C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited) PRC - C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions) PRC - C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.) PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) PRC - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) PRC - C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB) PRC - C:\Programme\Analog Devices\SoundMAX\SMax4.exe (Analog Devices, Inc.) PRC - C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) PRC - C:\Programme\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe (Symbian Ltd.) PRC - c:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe (Intuwave Ltd.) PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) PRC - C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.) PRC - C:\WINDOWS\system32\TpScrLk.exe () PRC - C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC) PRC - C:\WINDOWS\system32\TaskSwitch.exe () PRC - C:\WINDOWS\tppaldr.exe (In-System Design, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) PRC - C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft) ========== Modules (SafeList) ========== MOD - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools) MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll () MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.) MOD - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.) MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== ========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.search.selectedEngine: "Google Deutschland - auf Deutsch" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.taz.de/|hxxp://www.oya-online.de/" FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1 FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:9.10.13.6 FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.0 FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:4.0.0 FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.85 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {28FAD68E-4001-48d5-B994-68069F7CFB1D}:0.4.7 FF - prefs.js..extensions.enabledItems: pagecompare_abk0680@yahoo.com:1.5 FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1 FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1 FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7 FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3 FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: tsvnmenu@pumacode.org:0.2.5 FF - prefs.js..extensions.enabledItems: {139a120b-c2ea-41d2-bf70-542d9f063dfd}:2.03.3 FF - prefs.js..extensions.enabledItems: {eecba28f-b68b-4b3a-b501-6ce12e6b8696}:0.7.2 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.94.20100904 FF - prefs.js..extensions.enabledItems: metatags@porton.ex-code.com:2.3.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100720 FF - prefs.js..extensions.enabledItems: fr-moderne@dictionaries.addons.mozilla.org:3.8 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.07 00:35:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla\Firefox\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla\Firefox\plugins [2010.09.17 12:24:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.01.19 19:43:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2010.01.19 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.09.27 19:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions [2010.03.28 01:15:31 | 000,000,000 | ---D | M] (Screengrab) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010.09.16 14:28:25 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2010.08.18 22:54:02 | 000,000,000 | ---D | M] (FireShot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2009.11.04 11:06:03 | 000,000,000 | ---D | M] (URL Link) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd} [2007.03.31 01:03:40 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2) [2008.03.13 21:48:21 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2) [2010.04.30 19:39:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.01.29 15:55:11 | 000,000,000 | ---D | M] (MouseZoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D} [2009.11.12 19:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2010.09.08 12:27:24 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2010.03.28 01:15:33 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5} [2008.10.10 23:42:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2010.08.12 23:42:20 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372} [2008.03.02 22:09:45 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}(2) [2010.06.07 15:22:21 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.09.01 13:54:51 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2008.03.13 21:48:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2010.03.12 18:02:26 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2010.09.01 13:54:50 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.06.23 19:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2008.10.10 23:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2) [2010.06.07 15:22:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.01.23 20:58:38 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46} [2010.04.09 17:27:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.08.18 22:54:05 | 000,000,000 | ---D | M] (ViewSourceWith) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696} [2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de_DE@dicts.j3e.de [2010.02.19 13:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de-DE@dictionaries.addons.mozilla.org [2007.10.23 10:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-GB@dictionaries.addons.mozilla.org [2008.03.13 21:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-US@dictionaries.addons.mozilla(2).org [2009.12.11 23:12:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\es-es@dictionaries.addons.mozilla.org [2010.01.14 21:47:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fb_add_on@avm.de [2010.05.07 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\firebug@software.joehewitt.com [2010.02.10 22:21:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-FR@dictionaries.addons.mozilla.org [2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-moderne@dictionaries.addons.mozilla.org [2010.09.16 14:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\ietab@ip.cn [2007.10.23 10:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\it-IT@dictionaries.addons.mozilla.org [2010.09.06 22:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\metatags@porton.ex-code.com [2010.01.29 15:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pagecompare_abk0680@yahoo.com [2010.09.24 19:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pt-PT@dictionaries.addons.mozilla.org [2009.04.11 23:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\savecomplete@perlprogrammer.com [2006.12.11 16:37:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\temp [2010.02.10 22:21:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\tsvnmenu@pumacode.org [2010.09.24 19:25:08 | 000,001,089 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavista.xml [2010.03.05 17:18:24 | 000,002,058 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavistams.xml [2006.11.17 20:43:24 | 000,002,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\flickr-tags.xml [2009.07.02 10:25:13 | 000,001,157 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\freedict.xml [2008.05.27 10:18:53 | 000,002,161 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\google-deutschland.xml [2006.11.17 20:45:13 | 000,001,679 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\imdb.xml [2010.09.24 19:25:08 | 000,002,008 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-en.xml [2010.09.24 19:25:08 | 000,002,016 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-es.xml [2010.09.24 19:25:08 | 000,002,020 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-fr.xml [2008.06.03 11:49:07 | 000,001,082 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\lonely-planet-online.xml [2010.09.24 19:25:08 | 000,001,481 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\map24de.xml [2008.06.03 11:49:06 | 000,001,317 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\wikipedia-en.xml [2010.08.15 16:04:13 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\youtube.xml O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe () O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) O4 - HKLM..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC) O4 - HKLM..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.) O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam10\QuickCam10.exe () O4 - HKLM..\Run: [Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe () O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe (Microsoft® Corporation) O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix) O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe () O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe () O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (IBM Corp.) O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe (In-System Design, Inc.) O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin) O4 - HKCU..\Run: [IBM RecordNow!] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKCU..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON SMART PANEL.lnk = C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen in Microsoft Works-Kalender.lnk = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Fax-Controller.lnk = C:\Programme\EPSON\SMART PANEL\faxicore.exe (NewSoft Technology Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Telefonverbindungsmonitor.lnk = C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HotSync Manager.lnk = C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX) O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.1.205/XPanel.cab (XPanel Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} hxxp://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164927521531 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.1.205/XInit.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll () O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll () O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.27 10:02:05 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\autoexec.rod -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.ICR -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\autoexec.rod -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.ICR -- [ FAT32 ] O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell - "" = AutoRun O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell - "" = AutoRun O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{91a2d537-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell - "" = AutoRun O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (pgdfgsvc c 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com) O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.16 18:36:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2010.09.16 18:36:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.09.16 18:36:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.09.16 18:36:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.09.16 18:36:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.09 01:36:21 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010.09.09 01:36:21 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010.09.09 01:36:20 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010.09.09 01:36:19 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010.09.09 01:36:18 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010.09.09 01:36:18 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010.09.09 01:36:17 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010.09.09 01:36:05 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010.09.09 01:36:05 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2010.09.08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010.09.08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010.09.07 00:34:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared [2010.09.07 00:01:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.08.30 20:28:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc [2007.12.13 22:41:16 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll [2007.12.13 22:41:14 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll [2006.11.14 01:13:40 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Programme\Gemeinsame Dateien\tppupd2k.dll [2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.09.28 15:52:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.09.28 15:50:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.09.28 15:50:41 | 2145,832,960 | -HS- | M] () -- C:\hiberfil.sys [2010.09.28 14:21:51 | 015,990,784 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat [2010.09.28 14:21:46 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini [2010.09.28 14:21:31 | 006,291,456 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.09.28 14:20:05 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1005.job [2010.09.28 14:19:54 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010.09.28 13:59:04 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1005.job [2010.09.28 13:47:00 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010.09.27 18:44:41 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010.09.27 18:44:09 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.09.20 19:45:17 | 000,001,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech QuickCam.lnk [2010.09.16 20:09:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.09.15 23:05:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.09.09 01:36:22 | 000,001,672 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2010.09.09 01:36:18 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010.09.08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010.09.08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010.09.07 00:35:47 | 000,000,821 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk [2010.09.07 00:35:17 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010.09.07 00:34:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010.09.07 00:34:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010.09.07 00:33:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010.09.07 00:10:45 | 000,001,717 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2010.09.02 00:07:28 | 000,168,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2010.09.02 00:04:08 | 000,505,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.09.01 22:37:21 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.09.09 01:36:22 | 000,001,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2010.09.07 00:35:47 | 000,000,821 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk [2010.09.01 22:37:21 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2010.04.13 21:40:03 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2010.04.13 21:40:03 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2010.04.13 21:40:03 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2010.04.12 01:17:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2009.10.21 03:54:22 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009.10.17 01:55:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI [2009.10.06 09:11:50 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll [2009.04.11 21:25:54 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008.12.19 18:51:56 | 000,000,734 | ---- | C] () -- C:\WINDOWS\wiso.ini [2008.11.19 17:39:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\cmvpt32.ini [2008.11.19 17:38:46 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2008.11.19 17:38:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll [2008.11.19 10:53:59 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\GCL52FW.DLL [2008.11.19 10:48:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\Cmpnl32.dll [2008.11.19 10:48:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\GCL52FWZ.DLL [2008.11.19 10:48:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\CMUpdate.dll [2008.03.20 23:39:08 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini [2008.03.03 00:55:21 | 000,661,504 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008.03.03 00:55:21 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2008.03.03 00:55:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2008.03.03 00:55:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2008.03.03 00:55:21 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\ffavisynth.dll [2008.03.03 00:55:20 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2008.03.03 00:55:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2008.03.03 00:55:20 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2008.03.03 00:55:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2008.03.03 00:55:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll [2008.03.03 00:55:20 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2008.03.03 00:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2008.03.03 00:55:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2008.02.14 14:55:42 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2008.01.14 20:50:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ZSubTimer.dll [2008.01.10 13:40:29 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\evntmsg.dll [2008.01.04 16:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL [2007.12.24 13:47:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2007.12.24 13:40:26 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432U.dll [2007.12.22 22:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2007.12.22 21:27:22 | 003,138,048 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2007.12.13 22:41:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini [2007.12.13 22:41:20 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys [2007.12.13 22:41:19 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys [2007.12.13 19:18:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini [2007.12.13 19:17:25 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2007.12.07 16:15:39 | 000,001,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2007.12.03 16:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2007.12.01 13:43:30 | 000,541,696 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2007.11.29 12:52:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2007.11.26 16:56:04 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2007.11.26 16:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2007.09.04 23:56:09 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007.09.04 23:44:27 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll [2007.02.27 18:12:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\USBaccess.dll [2007.02.06 18:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2007.02.06 18:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys [2007.01.29 00:03:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IROTVIEW.INI [2007.01.28 21:23:40 | 000,000,275 | ---- | C] () -- C:\WINDOWS\ddespy.ini [2007.01.10 14:00:41 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini [2007.01.10 14:00:41 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini [2007.01.10 12:52:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2006.12.30 20:09:45 | 000,000,240 | ---- | C] () -- C:\WINDOWS\BUHL.INI [2006.12.24 23:39:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2006.12.24 22:11:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006.12.21 02:21:58 | 000,144,656 | ---- | C] () -- C:\WINDOWS\System32\FAMCOM.dll [2006.12.20 22:10:03 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2006.12.19 18:39:09 | 000,110,642 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll [2006.12.19 18:39:09 | 000,043,252 | ---- | C] () -- C:\WINDOWS\System32\pdfmon.dll [2006.12.09 02:04:03 | 000,000,687 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006.11.30 22:27:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FoneSync.INI [2006.11.30 18:30:30 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006.11.30 17:45:46 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2006.11.30 17:38:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\ccard100.ini [2006.11.30 17:37:13 | 000,007,901 | ---- | C] () -- C:\WINDOWS\MSACC20.INI [2006.11.30 17:30:38 | 000,001,245 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.11.30 17:30:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\odbcisam.ini [2006.11.30 17:30:37 | 000,000,914 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI [2006.11.30 17:30:29 | 000,000,124 | ---- | C] () -- C:\WINDOWS\GRAPH5.INI [2006.11.30 17:30:21 | 000,002,640 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI [2006.11.30 17:30:18 | 000,000,329 | ---- | C] () -- C:\WINDOWS\EXCEL5.INI [2006.11.30 17:30:17 | 000,000,239 | ---- | C] () -- C:\WINDOWS\Winhelp.ini [2006.11.30 17:30:17 | 000,000,110 | ---- | C] () -- C:\WINDOWS\msquery.ini [2006.11.30 17:30:08 | 000,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI [2006.11.30 17:30:06 | 000,002,122 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI [2006.11.30 17:30:06 | 000,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI [2006.11.30 15:01:49 | 000,000,266 | ---- | C] () -- C:\WINDOWS\VISITE.INI [2006.11.30 15:00:13 | 000,005,230 | ---- | C] () -- C:\WINDOWS\TOPDRAW.INI [2006.11.30 14:26:24 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll [2006.11.29 18:34:56 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI [2006.11.16 23:01:57 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006.11.14 02:05:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2006.11.13 00:24:27 | 000,015,576 | R--- | C] () -- C:\WINDOWS\System32\drivers\usbbc.sys [2006.11.13 00:24:27 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll [2006.11.10 23:55:40 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll [2006.10.11 12:18:40 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.10.10 09:46:17 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS [2006.10.10 04:14:04 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini [2006.09.27 10:01:53 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.09.26 01:14:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006.09.26 01:13:47 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS [2006.09.26 01:10:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll [2006.09.26 01:09:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll [2006.09.26 01:09:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll [2006.09.26 01:09:10 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys [2006.09.26 01:02:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006.09.26 01:02:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006.09.26 01:02:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006.09.26 01:02:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006.09.26 01:02:00 | 000,000,642 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006.09.26 00:53:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll [2006.09.26 00:53:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006.09.26 00:50:44 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006.09.26 00:39:34 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006.09.26 00:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll [2006.06.09 11:43:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005.09.01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys [2005.07.06 00:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll [2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2004.12.16 03:41:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pwdmon.dll [2004.12.16 03:41:58 | 000,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini [2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll [2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2004.08.10 13:48:32 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004.01.09 06:10:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1999.04.29 22:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998.04.24 01:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys < End of report > Danke für die schnelle Anwort Geändert von Herzmann (28.09.2010 um 16:01 Uhr) Grund: Danksagung |
|
28.09.2010, 17:55
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.09.2010, 18:19
| #5 |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden? Doch, hatte ich. Am 22.09.2010, wo der Scan lief, war das die aktuelle. Da die betreffenden Dateien sich schon seit ca. 1 Jahr oder mehr auf dem Rechner vorhanden sind (kann ich durch ein früheres Backup erkennen), dachte ich, es käme auf 5 Tage dann auch nicht mehr an. Deswegen bin ich ja auch recht zuversichtlich, daß der Trojaner nie aktiv geworden ist, denn alle meine Online-Konten sind nach wie vor in Ordnung, und auch sonst hatte ich nie was Verdächtiges bemerkt, und Norton AV auch nicht (der hätte doch meckern müssen, wenn irgend ein Programm da drauf zugegriffen hätte?). |
|
28.09.2010, 18:33
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
__________________ --> Ist Trojaner Trojan.Agent jemals aktiv geworden? |
|
28.09.2010, 18:35
| #7 | |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
|
|
29.09.2010, 15:05
| #8 |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden? Der Vollscan hat nochwas entdeckt. (Bei genauerem Hinsehen: Der Scan vom 22.9. dauerte nur 1:45 Std., das war der, den ich vorzeitig abgebrochen hatte.) Der heutige brachte noch einen Adware.ADON zum Vorschein. Den hatte ich übrigens auch schon auf meiner ca. 1 Jahr unbenutzten Backup-Platte gefunden. Malwarebytes fror ein, als ich auf Löschen geklickt hatten. Ich mußte das Programm dann nach 10 Min. abschießen. Log war dann leider auch weg. Glücklicherweise hatte Malwarebytes den Schädling aber wenigstens in Quarantäne geschickt. Nach "Wiederherstellen" konnte ich dann über den Ordner noch einen Quicktest machen, sodaß folgendes Protokoll entstand. Erneutes Löschen ging wieder schief. Mögliche Gründe: - Ich hatte gleichzeitig den betreffenden Ordner im Windows-Ordner offen. - parallel zum Admin-Benutzer, von welchem der Scan gestartet war, hatte ich per Benutzerwechsel noch einen 2. eingeschränkten Benutzer aktiv. Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4715
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
29.09.2010 14:37:43
mbam-log-2010-09-29 (14-37-43).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 1
Laufzeit: 13 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
|
|
30.09.2010, 11:57
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ist Trojaner Trojan.Agent jemals aktiv geworden? Auch im Vollscan wurde nur dieser Eintrag (...eBayShortcuts.exe (Adware.ADON)) entdeckt?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.09.2010, 12:29
| #10 | |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
Allerdings dauerte dieser Vollscan während laufendem Betrieb auf 2. eingeschränkten Benutzer merkwürdigerweise nur ca. 5 Stunden auf meiner aktuellen 160 GB 2,5" Platte. Auf meiner alten 80 GB 2,5" Platte (Inhalt wurde vor ca. 1 Jahr auf die neue geklont) dauerte er über Nacht über 8 Stunden. Möglicherweise ist die alte Platte aber einfach nur langsamer. Geändert von Herzmann (30.09.2010 um 12:42 Uhr) |
|
30.09.2010, 15:27
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ist Trojaner Trojan.Agent jemals aktiv geworden? Poste bitte nochmal ein frisches OTL.txt, im letzten fehlen einige Passagen...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.10.2010, 12:49
| #12 | |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
Code:
ATTFilter OTL Extras logfile created on: 28.09.2010 16:39:54 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 59,53 Gb Total Space | 5,43 Gb Free Space | 9,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 46,18 Gb Total Space | 0,08 Gb Free Space | 0,18% Space Free | Partition Type: FAT32
Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32
Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32
Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: XXX
Current User Name: ***
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Durchsuchen mit &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6198:TCP" = 6198:TCP:*:Enabled:freenetSPEED
"3126:TCP" = 3126:TCP:*:Enabled:freenetSPEED
"3128:TCP" = 3128:TCP:*:Enabled:freenetSPEED
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found
"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application -- File not found
"C:\Programme\freenet\PxClient.exe" = C:\Programme\freenet\PxClient.exe:*:Enabled:freenetSPEED -- File not found
"C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)
"C:\Programme\Mozilla Thunderbird\thunderbird.exe" = C:\Programme\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)
"C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe" = C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Enabled:mRouterRuntime -- (Intuwave Ltd.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe" = C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe:*:Enabled:mysqld-nt -- ()
"C:\Programme\Java\jdk1.6.0_01\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Java\jdk1.6.0\bin\java.exe" = C:\Programme\Java\jdk1.6.0\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe" = C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Programme\Java\jdk1.6.0_03\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_03\bin\java.exe" = C:\Programme\Java\jre1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found
"C:\Programme\Java\WTK22\bin\emulator.exe" = C:\Programme\Java\WTK22\bin\emulator.exe:*:Enabled:emulator -- ()
"C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform -- File not found
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- File not found
"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe" = C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0 -- (Sony Creative Software Inc.)
"C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\Java\jre1.6.0_04\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_04\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Program Files\IBM\Java142\jre\bin\javaw.exe" = C:\Program Files\IBM\Java142\jre\bin\javaw.exe:*:Enabled:Java launcher -- (IBM)
"C:\Programme\Mozilla\Firefox\firefox.exe" = C:\Programme\Mozilla\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\WINDOWS\LMI35.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI35.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI60.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI60.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" = C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe:*:Enabled:FRITZ!Box Monitor -- (AVM Berlin)
"C:\Programme\FRITZ!vox\Fritz!vox.exe" = C:\Programme\FRITZ!vox\Fritz!vox.exe:*:Enabled:Fritz!vox -- (AVM Berlin)
"C:\CYGWIN\bin\rsync.exe" = C:\CYGWIN\bin\rsync.exe:*:Enabled:rsync -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01008202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Enzyklopädie 2002
"{01DA3FC4-CF94-4AAD-9127-C8F2E09F6E69}" = PowerArchiver 2010
"{024D73F0-1C49-2340-8AC3-5234AAA560C0}" = ccc-core-static
"{03B1BBDC-7FAA-4A03-9988-A85428BAD382}" = Sun ODF Plugin for Microsoft Office 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05E9F134-07C9-4249-9B80-EE5D975F201B}" = Sony Ericsson Image Editor
"{0873B1A3-00A9-40D6-BACE-3DB4BC5DA840}" = ThinkPad SATA Power Management Driver
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0D05C1D4-BB4C-4545-86DC-F5EA7D04121A}" = Vtpro-e Themes v1.3
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = IBM ThinkVantage Technologies Welcome Message
"{11783F13-C3A9-44A8-929B-21A476F65272}" = IBM Rescue and Recovery with Rapid Restore
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{13EDFFFE-DCF2-448A-A653-3C4CD60D99B4}" = Palm Desktop and Synchronization Software
"{1649C93D-C661-4C53-B8AE-DB3592150B34}" = Buhl finance - tax 2006 Professional
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'IBM ThinkPad-Tastaturanpassung'
"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{24F9E04D-4CD5-3979-76F9-C1C6E78471AB}" = CCC Help Italian
"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21
"{2D230139-69DA-4CE8-83FB-EE5F522D2FF5}" = Praesideo Logging Server V2.32.1757
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator
"{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}" = MySQL Server 5.0
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.108.00
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{32A3A4F4-B792-11D6-A78A-00B0D0150100}" = J2SE Development Kit 5.0 Update 10
"{32A3A4F4-B792-11D6-A78A-00B0D0160030}" = Java(TM) SE Development Kit 6 Update 3
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{3305E24F-1192-0424-8A25-39713FD92728}" = Skins
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B94A56F-9FDA-46CC-A3B6-07613A84200B}" = Buhl finance - tax 2007 Professional
"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test
"{3DA7A736-0B03-565C-1139-83FE890F0AF3}" = CCC Help French
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F71721C-E73D-481C-B926-C56B68D8F388}" = Praesideo Open Interface Library V2.32.1757
"{437C19B3-7E20-4E39-B868-CA6BAA820E1C}" = Microsoft Rechner-Plus
"{43A1FE83-D39F-3779-8D48-D6D19EE7AC48}" = CCC Help Chinese Traditional
"{443CBE24-0679-4027-9C36-66F129E009C5}" = Crestron Database
"{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}" = Ulead FilmBrennerei 4.0
"{44B32F92-5A96-43D9-BCBE-0AD2CDC409E7}" = TortoiseHg 1.1.3 (x86)
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{47CF8B92-4083-4F43-9680-6EDE10F812BD}" = Praesideo Logging Viewer V2.32.1757
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.99.01
"{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding
"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0
"{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image
"{61A17AE1-B4C3-4FC0-8563-684C23CBFA0F}" = SW-Entwicklung\Sun Java (TM) Wireless Toolkit 2.5.2 for CLDC
"{63F817ED-F710-481B-B332-7A356CE04E10}" = TortoiseOverlays
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}" = Crestron Device Database
"{66CA5E58-0D03-A75D-16EF-68258DE0DFC3}" = CCC Help English
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BC292E6-5C85-4620-C1D0-A2FEAFD5D135}" = CCC Help Japanese
"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows v4.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{7579A17B-0E6C-9EF3-D022-30729A24B399}" = CCC Help Chinese Standard
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BAA2000-5B8D-66DD-DBE7-089671AC118B}" = ccc-utility
"{7C2BD022-2B09-1F6D-D6C1-AD2A591E7537}" = Catalyst Control Center Core Implementation
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{806DB796-7082-C63F-284E-62245284A417}" = CCC Help Dutch
"{808FAA20-4C3A-11D4-8A57-00201853C903}" = PC-Linq
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad-UltraNav-Assistent
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D0E26CF-AA2F-48FF-A533-6207DE50B1C4}_is1" = Agendus for Windows Palm Desktop Edition
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91AF774D-8506-4194-9B77-9D803CBF5AC1}" = SIMPL Windows v2.10
"{925936AC-9C9A-4897-874B-60961AAB6D52}" = Disc2Phone
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{984E0622-29E5-44EA-A075-A0CE91B2CF13}" = TortoiseOverlays
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A1A903C9-35DE-4770-9264-5F831E0A3A2E}" = SIMPL Windows Library v565
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3E23D97-145F-29BF-81DE-DAEC1E5AB237}" = Catalyst Control Center Graphics Full New
"{A8FA2AC0-3875-B59F-917F-719982FB1BE8}" = CCC Help Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v3.8
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{AE1A0B0E-2EC7-656A-711A-0E7E8D4AB5CF}" = CCC Help Spanish
"{B016DE7B-CA2D-5EFD-9591-A109E67119BD}" = CCC Help Swedish
"{B214C3C8-FC16-42EC-B7BB-703A1BB9C790}" = Lenovo Battery Program
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B5FE8184-DB90-4642-826C-096C6369B3DA}" = J2ME Wireless Toolkit 2.2
"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4A92EF9-D14C-937F-742E-D272938DC590}" = CCC Help Korean
"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Foto 2002
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CD6EB005-957A-4191-93ED-6ECD5F7F931E}" = SKTimeStamp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEDA22F-435D-4891-913A-75B80D8159B8}" = Crestron Toolbox v1.12
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack
"{D2FEBD11-E587-4C41-AD33-0CD90D26A964}" = Client für die Windows-Rechteverwaltung mit Service Pack 2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5881E4A-0764-11D6-9D93-DECCF2B3F57C}" = Praesideo Core V2.32.1757
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition
"{D702172D-8D17-D9EC-B661-42FA268575AF}" = Catalyst Control Center Localization All
"{DAA3F236-CEEC-C6CC-12C2-AB1B75C8BC09}" = CCC Help German
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEC2C123-3CE0-4669-B119-61519130CACD}" = TortoiseSVN 1.6.10.19898 (32 bit)
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09CEE8B-1DCD-C628-A8EA-2B56D61DDEFA}" = ccc-core-preinstall
"{E258A840-7E9A-443A-B156-67102C48BF17}" = TPP Storage Driver Installation
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{EA664480-3844-11D5-8C25-444553540000}" = Funktion "TrackPoint-Eingabehilfen"
"{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}" = Access IBM
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2
"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18B31E4-E2E3-4F4F-A2C9-BA579D6AF400}" = TortoiseOverlays
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi-Software
"{F3439243-1BAC-7250-D346-2642655F95ED}" = Catalyst Control Center Graphics Full Existing
"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall
"{F3FAE3D8-A91D-4D11-90C1-27581C2C23B9}" = Sony Ericsson MMS Home Studio
"{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}" = Access IBM Message Center
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F63E8666-0F10-11D3-8258-00C04F6843FE}" = Microsoft Visual Keyboard
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler
"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad-Konfiguration
"{FC18114B-05A0-11D6-8140-000102E745A6}" = PC Suite for P800
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD9D4CA5-8F97-44A0-B17E-C2C77C824FA4}" = funScreenScraping Client Version
"{FF2AFF73-099E-0BB5-AE87-B044D3D7DE78}" = Catalyst Control Center Graphics Light
"1&1 Upload-Manager" = 1&1 Upload-Manager
"274c5407c4fa26908310cb5c1c5500001224356439" = NetBeans IDE 5.5
"312f77fc8b5965949add215dd8550000-1163196496" = NetBeans Profiler 5.5
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Any Video Converter_is1" = Any Video Converter 3.0.3
"ATI Display Driver" = ATI Display Driver
"Attribute Manager_is1" = Attribute Manager 2.35
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"AVIcodec" = AVIcodec (remove only)
"Avira UnErase Personal" = Avira UnErase Personal
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxAnswerMachine" = AVM FRITZ!vox
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CDCheck" = CDCheck
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem
"CollabNet Automatic Update" = CollabNet Automatic Update 1.2
"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.12
"Corel Applications" = Corel Applications
"CvsConflictEditor_is1" = CvsConflictEditor 1.2.0
"CVSNT_is1" = CVSNT
"D2D77DC2-8299-11D1-8949-444553540000_is1" = WinCvs 2.0
"Defraggler" = Defraggler
"DiffUtils-2.8.7_is1" = GnuWin32: DiffUtils version 2.8.7
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"DirectVobSub" = DirectVobSub (remove only)
"doPDF 7 printer_is1" = doPDF 7.1 printer
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 5.5.1 Home Edition
"EPSON SMART PANEL" = EPSON SMART PANEL
"EPSON Stylus Scan" = EPSON Stylus Scan FB TWAIN
"EPSON-Drucker und Utilities" = EPSON-Drucker-Software
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"Exifer_is1" = Exifer
"fcd569e3a3b8ade0f9366fc6625500001796351737" = NetBeans Mobility Pack 5.5
"Feurio" = Feurio! CD-Writer
"ffdshow_is1" = ffdshow [rev 1868] [2008-02-22]
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"FinePrint 2000" = FinePrint 2000
"FinePrint2000" = FinePrint 2000
"FolderSizes_is1" = FolderSizes 1.0
"frndial" = freenet.de
"FTDICOMM" = SEMC DSS-20 SyncStation Driver
"GMX Upload-Manager" = GMX Upload-Manager
"IE7 Standalone_is1" = Internet Explorer 7 Standalone
"InstallShield für Microsoft Visual C++ 6" = InstallShield für Microsoft Visual C++ 6
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"IrfanView" = IrfanView (remove only)
"ISO Commander" = ISO Commander 1.6 (remove only)
"IsoBuster_is1" = IsoBuster 2.7
"jclasslib bytecode viewer 3.0" = jclasslib bytecode viewer 3.0
"KompoZer_is1" = KompoZer 0.77
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lavasoft VX2 Cleaner" = Lavasoft VX2 Cleaner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.29
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Developer Network - Visual Studio 6.0a (deu)" = MSDN Library - Visual Studio 6.0a (Deutsch)
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5
"MyDefrag v4.2.9_is1" = MyDefrag v4.2.9
"nbi-nb-base-6.0.0.0.200711201000" = NetBeans IDE 6.0 RC2
"nbi-nb-base-6.1.0.0.200804211638" = NetBeans IDE 6.1
"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5
"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1
"nbi-nb-base-6.9.0.0.0" = NetBeans IDE 6.9
"nbi-nb-base-6.9.1.0.201006282301" = NetBeans IDE 6.9.1 Build 201006282301
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"Notepad++" = Notepad++
"NTFSRatio_is1" = NTFSRatio V1.3
"Nvu_is1" = Nvu 1.0
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"PFrank_is1" = Peter's Flexible RenAmiNg Kit (PFrank) 2.13
"Power Management Driver" = ThinkPad Power Management Driver
"Praesideo PC Callstation" = Praesideo PC Callstation
"Presentation Director" = ThinkPad-Präsentationsdirektor
"ProInst" = Intel PROSet Wireless
"QcDrv" = Logitech® Camera-Treiber
"RealPlayer 12.0" = RealPlayer
"RealVNC_is1" = VNC Free Edition 4.1.2
"Rename-It!" = Rename-It!
"ReNamer_is1" = ReNamer
"Secunia PSI" = Secunia PSI
"SequoiaView" = SequoiaView
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = Installationsprogramm für ThinkPad-Software
"TPKBDLED" = Scroll Lock Indicator Utility
"TPP200" = USB Storage Adapter V2 (TPP)
"TPP300" = USB Storage Adapter V3 (TPP)
"TPP725" = USB Storage Adapter (TPP)
"TreeSize Free_is1" = TreeSize Free V2.2.1
"UltraDefrag" = Ultra Defragmenter
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VLC media player 1.1.4
"VoipDiscount_is1" = VoipDiscount
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHex" = WinHex
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43
"WinMerge_is1" = WinMerge 2.12.4
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
"WinZip" = WinZip
"WinZip Self-Extractor" = WinZip Self-Extractor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2002Setup" = Microsoft Works 2002-Setup-Start
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
"xdocdiff" = xdocdiff
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Z-DBackup" = Z-DBackup
"ZoomPlayer" = Zoom Player (remove only)
"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D5859C-5207-4183-B88D-3DCD2022BC54}" = t@x 2008 Professional
"{40030378-9EB9-482A-AC10-195097CA624D}" = t@x 2009 Professional
"f6791b188d8f3ff8" = AVM FRITZ!Box USB-Fernanschluss
"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002
"jIRCii" = jIRCii
"muCommander" = muCommander
"StackTrace" = StackTrace
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
Geändert von Herzmann (01.10.2010 um 13:04 Uhr) |
|
01.10.2010, 13:08
| #13 |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden? OTL.txt: Code:
ATTFilter OTL logfile created on: 01.10.2010 13:50:42 - Run 2 OTL by OldTimer - Version 3.2.14.1 Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): C:\pagefile.sys 1024 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 59,53 Gb Total Space | 5,38 Gb Free Space | 9,04% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 46,18 Gb Total Space | 2,20 Gb Free Space | 4,77% Space Free | Partition Type: FAT32 Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32 Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32 Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: XXX Current User Name: *** NOT logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla\Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe () PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Programme\TortoiseSVN\bin\TortoiseProc.exe (hxxp://tortoisesvn.net) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) PRC - C:\Programme\WinMerge\WinMergeU.exe (hxxp://winmerge.org) PRC - C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe () PRC - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe (AVM Berlin) PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin) PRC - C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Programme\Logitech\QuickCam10\QuickCam10.exe () PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe (Logitech Inc.) PRC - C:\Programme\Gemeinsame Dateien\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.) PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\LVComSX.exe (Logitech Inc.) PRC - C:\WINDOWS\tsnp2std.exe (SONIX) PRC - C:\WINDOWS\vsnp2std.exe (Sonix) PRC - C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited) PRC - C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions) PRC - C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.) PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) PRC - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) PRC - C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB) PRC - C:\Programme\Analog Devices\SoundMAX\SMax4.exe (Analog Devices, Inc.) PRC - C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) PRC - C:\Programme\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe (Symbian Ltd.) PRC - c:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe (Intuwave Ltd.) PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) PRC - C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.) PRC - C:\WINDOWS\system32\TpScrLk.exe () PRC - C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC) PRC - C:\WINDOWS\system32\TaskSwitch.exe () PRC - C:\WINDOWS\tppaldr.exe (In-System Design, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) PRC - C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft) ========== Modules (SafeList) ========== MOD - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools) MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll () MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.) MOD - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.) MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== ========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.search.selectedEngine: "LEO de<->en" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.taz.de/|hxxp://www.oya-online.de/" FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1 FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:9.10.13.6 FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.1 FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:4.0.0 FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.85 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {28FAD68E-4001-48d5-B994-68069F7CFB1D}:0.4.7 FF - prefs.js..extensions.enabledItems: pagecompare_abk0680@yahoo.com:1.5 FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1 FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1 FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7 FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3 FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: tsvnmenu@pumacode.org:0.2.5 FF - prefs.js..extensions.enabledItems: {139a120b-c2ea-41d2-bf70-542d9f063dfd}:2.03.3 FF - prefs.js..extensions.enabledItems: {eecba28f-b68b-4b3a-b501-6ce12e6b8696}:0.7.2 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.94.20100904 FF - prefs.js..extensions.enabledItems: metatags@porton.ex-code.com:2.3.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100720 FF - prefs.js..extensions.enabledItems: fr-moderne@dictionaries.addons.mozilla.org:3.8 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.07 00:35:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla\Firefox\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla\Firefox\plugins [2010.09.17 12:24:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.01.19 19:43:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2010.01.19 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.10.01 13:39:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions [2010.03.28 01:15:31 | 000,000,000 | ---D | M] (Screengrab) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010.10.01 13:39:51 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2010.08.18 22:54:02 | 000,000,000 | ---D | M] (FireShot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2009.11.04 11:06:03 | 000,000,000 | ---D | M] (URL Link) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd} [2007.03.31 01:03:40 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2) [2008.03.13 21:48:21 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2) [2010.04.30 19:39:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.01.29 15:55:11 | 000,000,000 | ---D | M] (MouseZoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D} [2009.11.12 19:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2010.09.08 12:27:24 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2010.03.28 01:15:33 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5} [2008.10.10 23:42:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2010.08.12 23:42:20 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372} [2008.03.02 22:09:45 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}(2) [2010.06.07 15:22:21 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.09.01 13:54:51 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2008.03.13 21:48:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2010.03.12 18:02:26 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2010.09.01 13:54:50 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.06.23 19:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2008.10.10 23:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2) [2010.06.07 15:22:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.01.23 20:58:38 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46} [2010.04.09 17:27:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.08.18 22:54:05 | 000,000,000 | ---D | M] (ViewSourceWith) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696} [2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de_DE@dicts.j3e.de [2010.02.19 13:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de-DE@dictionaries.addons.mozilla.org [2007.10.23 10:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-GB@dictionaries.addons.mozilla.org [2008.03.13 21:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-US@dictionaries.addons.mozilla(2).org [2010.10.01 13:39:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\es-es@dictionaries.addons.mozilla.org [2010.01.14 21:47:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fb_add_on@avm.de [2010.05.07 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\firebug@software.joehewitt.com [2010.02.10 22:21:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-FR@dictionaries.addons.mozilla.org [2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-moderne@dictionaries.addons.mozilla.org [2010.09.16 14:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\ietab@ip.cn [2007.10.23 10:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\it-IT@dictionaries.addons.mozilla.org [2010.09.06 22:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\metatags@porton.ex-code.com [2010.01.29 15:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pagecompare_abk0680@yahoo.com [2010.09.24 19:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pt-PT@dictionaries.addons.mozilla.org [2009.04.11 23:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\savecomplete@perlprogrammer.com [2006.12.11 16:37:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\temp [2010.02.10 22:21:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\tsvnmenu@pumacode.org [2010.09.24 19:25:08 | 000,001,089 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavista.xml [2010.03.05 17:18:24 | 000,002,058 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavistams.xml [2006.11.17 20:43:24 | 000,002,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\flickr-tags.xml [2009.07.02 10:25:13 | 000,001,157 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\freedict.xml [2008.05.27 10:18:53 | 000,002,161 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\google-deutschland.xml [2006.11.17 20:45:13 | 000,001,679 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\imdb.xml [2010.09.24 19:25:08 | 000,002,008 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-en.xml [2010.09.24 19:25:08 | 000,002,016 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-es.xml [2010.09.24 19:25:08 | 000,002,020 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-fr.xml [2008.06.03 11:49:07 | 000,001,082 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\lonely-planet-online.xml [2010.09.24 19:25:08 | 000,001,481 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\map24de.xml [2008.06.03 11:49:06 | 000,001,317 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\wikipedia-en.xml [2010.08.15 16:04:13 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\youtube.xml O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found. O3 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo ) O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo ) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL () O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe () O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) O4 - HKLM..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC) O4 - HKLM..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.) O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam10\QuickCam10.exe () O4 - HKLM..\Run: [Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe () O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe (Microsoft® Corporation) O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix) O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe () O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe () O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (IBM Corp.) O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe (In-System Design, Inc.) O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin) O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [IBM RecordNow!] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM) O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe File not found O4 - HKU\.DEFAULT..\RunOnce: [IETI] C:\Programme\Skype\Phone\IEPlugin\unins000.exe File not found O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Programme\Gemeinsame Dateien\logishrd\WUApp32.exe -v 0x046d -p 0x08c3 -f video -m logitech -d 11.0.0.1217 File not found O4 - HKU\S-1-5-18..\RunOnce: [IETI] C:\Programme\Skype\Phone\IEPlugin\unins000.exe File not found O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Programme\Gemeinsame Dateien\logishrd\WUApp32.exe -v 0x046d -p 0x08c3 -f video -m logitech -d 11.0.0.1217 File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON SMART PANEL.lnk = C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen in Microsoft Works-Kalender.lnk = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Fax-Controller.lnk = C:\Programme\EPSON\SMART PANEL\faxicore.exe (NewSoft Technology Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Telefonverbindungsmonitor.lnk = C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HotSync Manager.lnk = C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin) O15 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX) O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.1.205/XPanel.cab (XPanel Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} hxxp://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164927521531 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.1.205/XInit.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll () O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll () O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.27 10:02:05 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\autoexec.rod -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.ICR -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\autoexec.rod -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.ICR -- [ FAT32 ] O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell - "" = AutoRun O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell - "" = AutoRun O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{91a2d537-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell - "" = AutoRun O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (pgdfgsvc c 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com) O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.16 18:36:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2010.09.16 18:36:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.09.16 18:36:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.09.16 18:36:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.09.16 18:36:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.09 01:36:21 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010.09.09 01:36:21 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010.09.09 01:36:20 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010.09.09 01:36:19 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010.09.09 01:36:18 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010.09.09 01:36:18 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010.09.09 01:36:17 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010.09.09 01:36:05 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010.09.09 01:36:05 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2010.09.08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010.09.08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010.09.07 00:34:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared [2010.09.07 00:01:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2007.12.13 22:41:16 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll [2007.12.13 22:41:14 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll [2006.11.14 01:13:40 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Programme\Gemeinsame Dateien\tppupd2k.dll [2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.01 13:47:00 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010.09.30 22:49:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.09.30 22:47:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.09.30 22:47:06 | 2145,832,960 | -HS- | M] () -- C:\hiberfil.sys [2010.09.30 20:31:58 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini [2010.09.30 20:31:34 | 001,445,318 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.09.30 20:09:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.09.30 20:01:24 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job [2010.09.30 20:00:58 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.09.29 22:47:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010.09.29 10:09:09 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.09.28 21:47:58 | 015,990,784 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat [2010.09.28 21:46:38 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1005.job [2010.09.28 21:46:37 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1005.job [2010.09.20 19:45:17 | 000,001,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech QuickCam.lnk [2010.09.15 23:05:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.09.09 01:36:22 | 000,001,672 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2010.09.09 01:36:18 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010.09.08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2010.09.08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010.09.07 00:35:47 | 000,000,821 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk [2010.09.07 00:35:17 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010.09.07 00:34:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010.09.07 00:34:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010.09.07 00:33:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010.09.07 00:10:45 | 000,001,717 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2010.09.02 00:07:28 | 000,168,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2010.09.02 00:04:08 | 000,505,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.09.01 22:37:21 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.09.09 01:36:22 | 000,001,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2010.09.07 00:35:47 | 000,000,821 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk [2010.09.01 22:37:21 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2010.04.13 21:40:03 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2010.04.13 21:40:03 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2010.04.13 21:40:03 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2010.04.12 01:17:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd [2009.10.21 03:54:22 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009.10.17 01:55:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI [2009.10.06 09:11:50 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll [2009.04.11 21:25:54 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008.12.19 18:51:56 | 000,000,734 | ---- | C] () -- C:\WINDOWS\wiso.ini [2008.11.19 17:39:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\cmvpt32.ini [2008.11.19 17:38:46 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2008.11.19 17:38:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll [2008.11.19 10:53:59 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\GCL52FW.DLL [2008.11.19 10:48:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\Cmpnl32.dll [2008.11.19 10:48:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\GCL52FWZ.DLL [2008.11.19 10:48:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\CMUpdate.dll [2008.03.20 23:39:08 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini [2008.03.03 00:55:21 | 000,661,504 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008.03.03 00:55:21 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2008.03.03 00:55:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2008.03.03 00:55:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2008.03.03 00:55:21 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\ffavisynth.dll [2008.03.03 00:55:20 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2008.03.03 00:55:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2008.03.03 00:55:20 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2008.03.03 00:55:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2008.03.03 00:55:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll [2008.03.03 00:55:20 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2008.03.03 00:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2008.03.03 00:55:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2008.02.14 14:55:42 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2008.01.14 20:50:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ZSubTimer.dll [2008.01.10 13:40:29 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\evntmsg.dll [2008.01.04 16:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL [2007.12.24 13:47:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2007.12.24 13:40:26 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433.dll [2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433U.dll [2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432U.dll [2007.12.22 22:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2007.12.22 21:27:22 | 003,138,048 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2007.12.13 22:41:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini [2007.12.13 22:41:20 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys [2007.12.13 22:41:19 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys [2007.12.13 19:18:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini [2007.12.13 19:17:25 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2007.12.07 16:15:39 | 000,001,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2007.12.03 16:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2007.12.01 13:43:30 | 000,541,696 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2007.11.29 12:52:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2007.11.26 16:56:04 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2007.11.26 16:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2007.09.04 23:56:09 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007.09.04 23:44:27 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll [2007.02.27 18:12:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\USBaccess.dll [2007.02.06 18:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2007.02.06 18:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys [2007.01.29 00:03:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IROTVIEW.INI [2007.01.28 21:23:40 | 000,000,275 | ---- | C] () -- C:\WINDOWS\ddespy.ini [2007.01.10 14:00:41 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini [2007.01.10 14:00:41 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini [2007.01.10 12:52:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2006.12.30 20:09:45 | 000,000,240 | ---- | C] () -- C:\WINDOWS\BUHL.INI [2006.12.24 23:39:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2006.12.24 22:11:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006.12.21 02:21:58 | 000,144,656 | ---- | C] () -- C:\WINDOWS\System32\FAMCOM.dll [2006.12.20 22:10:03 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2006.12.19 18:39:09 | 000,110,642 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll [2006.12.19 18:39:09 | 000,043,252 | ---- | C] () -- C:\WINDOWS\System32\pdfmon.dll [2006.12.09 02:04:03 | 000,000,687 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006.11.30 22:27:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FoneSync.INI [2006.11.30 18:30:30 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini [2006.11.30 17:45:46 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2006.11.30 17:38:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\ccard100.ini [2006.11.30 17:37:13 | 000,007,901 | ---- | C] () -- C:\WINDOWS\MSACC20.INI [2006.11.30 17:30:38 | 000,001,245 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.11.30 17:30:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\odbcisam.ini [2006.11.30 17:30:37 | 000,000,914 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI [2006.11.30 17:30:29 | 000,000,124 | ---- | C] () -- C:\WINDOWS\GRAPH5.INI [2006.11.30 17:30:21 | 000,002,640 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI [2006.11.30 17:30:18 | 000,000,329 | ---- | C] () -- C:\WINDOWS\EXCEL5.INI [2006.11.30 17:30:17 | 000,000,239 | ---- | C] () -- C:\WINDOWS\Winhelp.ini [2006.11.30 17:30:17 | 000,000,110 | ---- | C] () -- C:\WINDOWS\msquery.ini [2006.11.30 17:30:08 | 000,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI [2006.11.30 17:30:06 | 000,002,122 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI [2006.11.30 17:30:06 | 000,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI [2006.11.30 15:01:49 | 000,000,266 | ---- | C] () -- C:\WINDOWS\VISITE.INI [2006.11.30 15:00:13 | 000,005,230 | ---- | C] () -- C:\WINDOWS\TOPDRAW.INI [2006.11.30 14:26:24 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll [2006.11.29 18:34:56 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI [2006.11.16 23:01:57 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006.11.14 02:05:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2006.11.13 00:24:27 | 000,015,576 | R--- | C] () -- C:\WINDOWS\System32\drivers\usbbc.sys [2006.11.13 00:24:27 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll [2006.11.10 23:55:40 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll [2006.10.11 12:18:40 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.10.10 09:46:17 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS [2006.10.10 04:14:04 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini [2006.09.27 10:01:53 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.09.26 01:14:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006.09.26 01:13:47 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS [2006.09.26 01:10:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll [2006.09.26 01:09:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll [2006.09.26 01:09:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll [2006.09.26 01:09:10 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys [2006.09.26 01:02:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006.09.26 01:02:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006.09.26 01:02:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006.09.26 01:02:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006.09.26 01:02:00 | 000,000,642 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006.09.26 00:53:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll [2006.09.26 00:53:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006.09.26 00:50:44 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006.09.26 00:39:34 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006.09.26 00:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll [2006.06.09 11:43:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005.09.01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys [2005.07.06 00:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll [2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2004.12.16 03:41:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pwdmon.dll [2004.12.16 03:41:58 | 000,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini [2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll [2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2004.08.10 13:48:32 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004.01.09 06:10:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1999.04.29 22:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998.04.24 01:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys < End of report > |
|
01.10.2010, 13:09
| #14 |
| | Ist Trojaner Trojan.Agent jemals aktiv geworden? Extras.txt: [CODE]14:00 01.10.2010OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.10.2010 13:50:42 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 59,53 Gb Total Space | 5,38 Gb Free Space | 9,04% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 46,18 Gb Total Space | 2,20 Gb Free Space | 4,77% Space Free | Partition Type: FAT32
Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32
Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32
Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: XXX
Current User Name: ***
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Durchsuchen mit &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6198:TCP" = 6198:TCP:*:Enabled:freenetSPEED
"3126:TCP" = 3126:TCP:*:Enabled:freenetSPEED
"3128:TCP" = 3128:TCP:*:Enabled:freenetSPEED
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found
"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found
"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application -- File not found
"C:\Programme\freenet\PxClient.exe" = C:\Programme\freenet\PxClient.exe:*:Enabled:freenetSPEED -- File not found
"C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)
"C:\Programme\Mozilla Thunderbird\thunderbird.exe" = C:\Programme\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)
"C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe" = C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Enabled:mRouterRuntime -- (Intuwave Ltd.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe" = C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe:*:Enabled:mysqld-nt -- ()
"C:\Programme\Java\jdk1.6.0_01\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Java\jdk1.6.0\bin\java.exe" = C:\Programme\Java\jdk1.6.0\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe" = C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Programme\Java\jdk1.6.0_03\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_03\bin\java.exe" = C:\Programme\Java\jre1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found
"C:\Programme\Java\WTK22\bin\emulator.exe" = C:\Programme\Java\WTK22\bin\emulator.exe:*:Enabled:emulator -- ()
"C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform -- File not found
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- File not found
"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe" = C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0 -- (Sony Creative Software Inc.)
"C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\Java\jre1.6.0_04\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_04\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Program Files\IBM\Java142\jre\bin\javaw.exe" = C:\Program Files\IBM\Java142\jre\bin\javaw.exe:*:Enabled:Java launcher -- (IBM)
"C:\Programme\Mozilla\Firefox\firefox.exe" = C:\Programme\Mozilla\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\WINDOWS\LMI35.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI35.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI60.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI60.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" = C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe:*:Enabled:FRITZ!Box Monitor -- (AVM Berlin)
"C:\Programme\FRITZ!vox\Fritz!vox.exe" = C:\Programme\FRITZ!vox\Fritz!vox.exe:*:Enabled:Fritz!vox -- (AVM Berlin)
"C:\CYGWIN\bin\rsync.exe" = C:\CYGWIN\bin\rsync.exe:*:Enabled:rsync -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01008202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Enzyklopädie 2002
"{01DA3FC4-CF94-4AAD-9127-C8F2E09F6E69}" = PowerArchiver 2010
"{024D73F0-1C49-2340-8AC3-5234AAA560C0}" = ccc-core-static
"{03B1BBDC-7FAA-4A03-9988-A85428BAD382}" = Sun ODF Plugin for Microsoft Office 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05E9F134-07C9-4249-9B80-EE5D975F201B}" = Sony Ericsson Image Editor
"{0873B1A3-00A9-40D6-BACE-3DB4BC5DA840}" = ThinkPad SATA Power Management Driver
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0D05C1D4-BB4C-4545-86DC-F5EA7D04121A}" = Vtpro-e Themes v1.3
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = IBM ThinkVantage Technologies Welcome Message
"{11783F13-C3A9-44A8-929B-21A476F65272}" = IBM Rescue and Recovery with Rapid Restore
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{13EDFFFE-DCF2-448A-A653-3C4CD60D99B4}" = Palm Desktop and Synchronization Software
"{1649C93D-C661-4C53-B8AE-DB3592150B34}" = Buhl finance - tax 2006 Professional
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'IBM ThinkPad-Tastaturanpassung'
"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{24F9E04D-4CD5-3979-76F9-C1C6E78471AB}" = CCC Help Italian
"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21
"{2D230139-69DA-4CE8-83FB-EE5F522D2FF5}" = Praesideo Logging Server V2.32.1757
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator
"{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}" = MySQL Server 5.0
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.108.00
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{32A3A4F4-B792-11D6-A78A-00B0D0150100}" = J2SE Development Kit 5.0 Update 10
"{32A3A4F4-B792-11D6-A78A-00B0D0160030}" = Java(TM) SE Development Kit 6 Update 3
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{3305E24F-1192-0424-8A25-39713FD92728}" = Skins
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B94A56F-9FDA-46CC-A3B6-07613A84200B}" = Buhl finance - tax 2007 Professional
"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test
"{3DA7A736-0B03-565C-1139-83FE890F0AF3}" = CCC Help French
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F71721C-E73D-481C-B926-C56B68D8F388}" = Praesideo Open Interface Library V2.32.1757
"{437C19B3-7E20-4E39-B868-CA6BAA820E1C}" = Microsoft Rechner-Plus
"{43A1FE83-D39F-3779-8D48-D6D19EE7AC48}" = CCC Help Chinese Traditional
"{443CBE24-0679-4027-9C36-66F129E009C5}" = Crestron Database
"{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}" = Ulead FilmBrennerei 4.0
"{44B32F92-5A96-43D9-BCBE-0AD2CDC409E7}" = TortoiseHg 1.1.3 (x86)
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{47CF8B92-4083-4F43-9680-6EDE10F812BD}" = Praesideo Logging Viewer V2.32.1757
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.99.01
"{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding
"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0
"{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image
"{61A17AE1-B4C3-4FC0-8563-684C23CBFA0F}" = SW-Entwicklung\Sun Java (TM) Wireless Toolkit 2.5.2 for CLDC
"{63F817ED-F710-481B-B332-7A356CE04E10}" = TortoiseOverlays
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}" = Crestron Device Database
"{66CA5E58-0D03-A75D-16EF-68258DE0DFC3}" = CCC Help English
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BC292E6-5C85-4620-C1D0-A2FEAFD5D135}" = CCC Help Japanese
"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows v4.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{7579A17B-0E6C-9EF3-D022-30729A24B399}" = CCC Help Chinese Standard
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BAA2000-5B8D-66DD-DBE7-089671AC118B}" = ccc-utility
"{7C2BD022-2B09-1F6D-D6C1-AD2A591E7537}" = Catalyst Control Center Core Implementation
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{806DB796-7082-C63F-284E-62245284A417}" = CCC Help Dutch
"{808FAA20-4C3A-11D4-8A57-00201853C903}" = PC-Linq
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad-UltraNav-Assistent
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D0E26CF-AA2F-48FF-A533-6207DE50B1C4}_is1" = Agendus for Windows Palm Desktop Edition
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91AF774D-8506-4194-9B77-9D803CBF5AC1}" = SIMPL Windows v2.10
"{925936AC-9C9A-4897-874B-60961AAB6D52}" = Disc2Phone
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{984E0622-29E5-44EA-A075-A0CE91B2CF13}" = TortoiseOverlays
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A1A903C9-35DE-4770-9264-5F831E0A3A2E}" = SIMPL Windows Library v565
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3E23D97-145F-29BF-81DE-DAEC1E5AB237}" = Catalyst Control Center Graphics Full New
"{A8FA2AC0-3875-B59F-917F-719982FB1BE8}" = CCC Help Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v3.8
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{AE1A0B0E-2EC7-656A-711A-0E7E8D4AB5CF}" = CCC Help Spanish
"{B016DE7B-CA2D-5EFD-9591-A109E67119BD}" = CCC Help Swedish
"{B214C3C8-FC16-42EC-B7BB-703A1BB9C790}" = Lenovo Battery Program
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B5FE8184-DB90-4642-826C-096C6369B3DA}" = J2ME Wireless Toolkit 2.2
"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4A92EF9-D14C-937F-742E-D272938DC590}" = CCC Help Korean
"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Foto 2002
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CD6EB005-957A-4191-93ED-6ECD5F7F931E}" = SKTimeStamp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEDA22F-435D-4891-913A-75B80D8159B8}" = Crestron Toolbox v1.12
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack
"{D2FEBD11-E587-4C41-AD33-0CD90D26A964}" = Client für die Windows-Rechteverwaltung mit Service Pack 2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5881E4A-0764-11D6-9D93-DECCF2B3F57C}" = Praesideo Core V2.32.1757
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition
"{D702172D-8D17-D9EC-B661-42FA268575AF}" = Catalyst Control Center Localization All
"{DAA3F236-CEEC-C6CC-12C2-AB1B75C8BC09}" = CCC Help German
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEC2C123-3CE0-4669-B119-61519130CACD}" = TortoiseSVN 1.6.10.19898 (32 bit)
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09CEE8B-1DCD-C628-A8EA-2B56D61DDEFA}" = ccc-core-preinstall
"{E258A840-7E9A-443A-B156-67102C48BF17}" = TPP Storage Driver Installation
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{EA664480-3844-11D5-8C25-444553540000}" = Funktion "TrackPoint-Eingabehilfen"
"{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}" = Access IBM
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2
"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18B31E4-E2E3-4F4F-A2C9-BA579D6AF400}" = TortoiseOverlays
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi-Software
"{F3439243-1BAC-7250-D346-2642655F95ED}" = Catalyst Control Center Graphics Full Existing
"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall
"{F3FAE3D8-A91D-4D11-90C1-27581C2C23B9}" = Sony Ericsson MMS Home Studio
"{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}" = Access IBM Message Center
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F63E8666-0F10-11D3-8258-00C04F6843FE}" = Microsoft Visual Keyboard
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler
"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad-Konfiguration
"{FC18114B-05A0-11D6-8140-000102E745A6}" = PC Suite for P800
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD9D4CA5-8F97-44A0-B17E-C2C77C824FA4}" = funScreenScraping Client Version
"{FF2AFF73-099E-0BB5-AE87-B044D3D7DE78}" = Catalyst Control Center Graphics Light
"1&1 Upload-Manager" = 1&1 Upload-Manager
"274c5407c4fa26908310cb5c1c5500001224356439" = NetBeans IDE 5.5
"312f77fc8b5965949add215dd8550000-1163196496" = NetBeans Profiler 5.5
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Any Video Converter_is1" = Any Video Converter 3.0.3
"ATI Display Driver" = ATI Display Driver
"Attribute Manager_is1" = Attribute Manager 2.35
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"AVIcodec" = AVIcodec (remove only)
"Avira UnErase Personal" = Avira UnErase Personal
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxAnswerMachine" = AVM FRITZ!vox
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CDCheck" = CDCheck
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem
"CollabNet Automatic Update" = CollabNet Automatic Update 1.2
"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.12
"Corel Applications" = Corel Applications
"CvsConflictEditor_is1" = CvsConflictEditor 1.2.0
"CVSNT_is1" = CVSNT
"D2D77DC2-8299-11D1-8949-444553540000_is1" = WinCvs 2.0
"Defraggler" = Defraggler
"DiffUtils-2.8.7_is1" = GnuWin32: DiffUtils version 2.8.7
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"DirectVobSub" = DirectVobSub (remove only)
"doPDF 7 printer_is1" = doPDF 7.1 printer
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 5.5.1 Home Edition
"EPSON SMART PANEL" = EPSON SMART PANEL
"EPSON Stylus Scan" = EPSON Stylus Scan FB TWAIN
"EPSON-Drucker und Utilities" = EPSON-Drucker-Software
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"Exifer_is1" = Exifer
"fcd569e3a3b8ade0f9366fc6625500001796351737" = NetBeans Mobility Pack 5.5
"Feurio" = Feurio! CD-Writer
"ffdshow_is1" = ffdshow [rev 1868] [2008-02-22]
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"FinePrint 2000" = FinePrint 2000
"FinePrint2000" = FinePrint 2000
"FolderSizes_is1" = FolderSizes 1.0
"frndial" = freenet.de
"FTDICOMM" = SEMC DSS-20 SyncStation Driver
"GMX Upload-Manager" = GMX Upload-Manager
"IE7 Standalone_is1" = Internet Explorer 7 Standalone
"InstallShield für Microsoft Visual C++ 6" = InstallShield für Microsoft Visual C++ 6
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"IrfanView" = IrfanView (remove only)
"ISO Commander" = ISO Commander 1.6 (remove only)
"IsoBuster_is1" = IsoBuster 2.7
"jclasslib bytecode viewer 3.0" = jclasslib bytecode viewer 3.0
"KompoZer_is1" = KompoZer 0.77
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lavasoft VX2 Cleaner" = Lavasoft VX2 Cleaner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.29
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Developer Network - Visual Studio 6.0a (deu)" = MSDN Library - Visual Studio 6.0a (Deutsch)
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5
"MyDefrag v4.2.9_is1" = MyDefrag v4.2.9
"nbi-nb-base-6.0.0.0.200711201000" = NetBeans IDE 6.0 RC2
"nbi-nb-base-6.1.0.0.200804211638" = NetBeans IDE 6.1
"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5
"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1
"nbi-nb-base-6.9.0.0.0" = NetBeans IDE 6.9
"nbi-nb-base-6.9.1.0.201006282301" = NetBeans IDE 6.9.1 Build 201006282301
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"Notepad++" = Notepad++
"NTFSRatio_is1" = NTFSRatio V1.3
"Nvu_is1" = Nvu 1.0
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"PFrank_is1" = Peter's Flexible RenAmiNg Kit (PFrank) 2.13
"Power Management Driver" = ThinkPad Power Management Driver
"Praesideo PC Callstation" = Praesideo PC Callstation
"Presentation Director" = ThinkPad-Präsentationsdirektor
"ProInst" = Intel PROSet Wireless
"QcDrv" = Logitech® Camera-Treiber
"RealPlayer 12.0" = RealPlayer
"RealVNC_is1" = VNC Free Edition 4.1.2
"Rename-It!" = Rename-It!
"ReNamer_is1" = ReNamer
"Secunia PSI" = Secunia PSI
"SequoiaView" = SequoiaView
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = Installationsprogramm für ThinkPad-Software
"TPKBDLED" = Scroll Lock Indicator Utility
"TPP200" = USB Storage Adapter V2 (TPP)
"TPP300" = USB Storage Adapter V3 (TPP)
"TPP725" = USB Storage Adapter (TPP)
"TreeSize Free_is1" = TreeSize Free V2.2.1
"UltraDefrag" = Ultra Defragmenter
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VLC media player 1.1.4
"VoipDiscount_is1" = VoipDiscount
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHex" = WinHex
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43
"WinMerge_is1" = WinMerge 2.12.4
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
"WinZip" = WinZip
"WinZip Self-Extractor" = WinZip Self-Extractor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2002Setup" = Microsoft Works 2002-Setup-Start
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
"xdocdiff" = xdocdiff
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Z-DBackup" = Z-DBackup
"ZoomPlayer" = Zoom Player (remove only)
"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-999901472-3601035388-3065584919-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D5859C-5207-4183-B88D-3DCD2022BC54}" = t@x 2008 Professional
"{40030378-9EB9-482A-AC10-195097CA624D}" = t@x 2009 Professional
"f6791b188d8f3ff8" = AVM FRITZ!Box USB-Fernanschluss
"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002
"jIRCii" = jIRCii
"muCommander" = muCommander
"StackTrace" = StackTrace
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
|
|
01.10.2010, 14:51
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ist Trojaner Trojan.Agent jemals aktiv geworden?Zitat:
Bist Du sicher, dass Du OTL direkt nach der Anleitung ausführst? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Ist Trojaner Trojan.Agent jemals aktiv geworden? |
| aktiv, anti-malware, avast, board, code, datei, dateien, einstellungen, explorer, frage, infizierte, infizierte dateien, internet, internet explorer, laufzeit, log, löschen, malwarebytes, phänomen, recycler, rum, service, sicherheitscenter, trojan.agent, trojaner, version, windows, worm.autorun.b |
Linear-Darstellung
