| |
| |||||||
Log-Analyse und Auswertung: nerviger virus/trojaner, downadup?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.12.2009, 15:46
| #1 |
| |  nerviger virus/trojaner, downadup? hallo zusammen! seit etwa einer woche bekomm ich pop-ups von avg wenn ich einen wechseldatenträger an mein notebook anstecke. manchmal kommt davor noch ein windows-popup (fehler in .\recycler\S-5-3-42-821....65\jwgkvsq.vmx folgernder eintrag fehlt:ahaezedrn). das avg-popup sag mir, dass in 2 svchost-prozessen, die sich beide in win32 befinden, der worm downadup ausgeführt wird. den genauen text weiß ich jetzt leider nicht. die scan-results von hijack-this zeigen zwei O9-einträge, die als äußerst schädlich eingestuft werden. wenn ich versuche, sie zu löschen gelingt das nur bei einem der zwei einträge, und beim nächsten neustart sinds dann wieder 2. ich habe schon probiert, die systemwiederherstellungspunkte zu löschen, ccleaner laufen lassen, bringt alles nichts. sollte ich den pc neu aufsetzen? sind die dateien auf der festplatte noch clean, kann ich nach dem Neuaufsetzen alle daten behalten? bitte um hilfreiche posts. danke.  Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:57:26, on 29.12.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\D-Link DWA-643\D-Link DWA-643 Wireless N ExpressCard Notebook Adapter\acs.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe C:\Programme\Creative\Shared Files\CTDevSrv.exe C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe C:\Programme\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\oodag.exe C:\Programme\Java\jre6\bin\jusched.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe C:\Programme\Sony Ericsson PC Suite\SEPCSuite.exe C:\Programme\Creative\Software Update 3\SoftAuto.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe C:\Programme\HotKey_Driver\HotKeyDriver.exe C:\Programme\D-Link DWA-643\D-Link DWA-643 Wireless N ExpressCard Notebook Adapter\wirelesscm.exe C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Programme\HijackThis\HijackThis.exe C:\Programme\bob\bob internet\Dashboard.exe C:\Programme\Google\Chrome\Application\chrome.exe C:\Programme\Google\Chrome\Application\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG8\avgssie.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [BtTray] "C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Programme\Ringz Studio\Storm Codec\StormSet.exe" /S /opti O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Programme\Creative\Software Update 3\SoftAuto.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: AutoStart IR.lnk.disabled O4 - Global Startup: HotKeyDriver.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Wireless Connection Manager.lnk = C:\Programme\D-Link DWA-643\D-Link DWA-643 Wireless N ExpressCard Notebook Adapter\wirelesscm.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Programme\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programme\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programme\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programme\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlfvideo.htm O9 - Extra button: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - h**p://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra 'Tools' menuitem: Ò×Ȥ¹ºÎï - {DE60714F-AC17-427e-861A-FD60CBDF119A} - h**p://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) - O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Programme\D-Link DWA-643\D-Link DWA-643 Wireless N ExpressCard Notebook Adapter\acs.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: BsHelpCS - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programme\Creative\Shared Files\CTDevSrv.exe O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Programme\Creative\Creative Centrale\CTUPnPSv.exe O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Update Service (gupdate1ca7ca3119a3434) (gupdate1ca7ca3119a3434) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 11661 bytes |
|
29.12.2009, 15:54
| #2 |
| | nerviger virus/trojaner, downadup? hier mein RunAlyzer log, ich hab es aufgeteilt auf 2 txt-files, 1 wäre zu groß zum uploaden gewesen.
__________________ |
|
29.12.2009, 15:57
| #3 |
| | nerviger virus/trojaner, downadup? hab den log umgestaltet, jetzt geht er zum posten.
__________________Service (registry key): s1018unic Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) Image path: system32\DRIVERS\s1018unic.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): S24EventMonitor Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel(R) PROSet/Wireless Service Description: Wireless Management Service for Intel(R) PROSet/Wireless Object name: LocalSystem Image path: C:\Programme\Intel\Wireless\Bin\S24EvMon.exe Image size: 983040 Image MD5: 131D50F081D2E29EBD1365B21F6B9736 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: s24trans Service (registry key): sdbus Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\sdbus.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): sfiqwh Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): smserial Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\smserial.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SwPrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MS Software Shadow Copy Provider Description: Verwaltet Software-basierte Schattenkopien des Volumeschattenkopie-Dienstes. Software-basierte Schattenkopien können nicht verwaltet werden, wenn dieser Dienst beendet wird. Falls dieser Dienst deaktiviert wird, können die Dienste, die von diesem Dienst ausschließlich abhängig sind, nicht mehr gestartet werden. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{FB380388-033A-43C4-B32A-E7DB56A2D961} Image size: 5120 Image MD5: BED2C7627AB78CA721EFB8B49EFB13EE Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Depends On services: rpcss Service (registry key): tdrpman Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Acronis Try&Decide and Restore Points filter Image path: system32\DRIVERS\tdrpman.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): tifsfilter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Acronis True Image FS Filter Image path: system32\DRIVERS\tifsfilt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 1 Service (registry key): timounter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Acronis True Image Backup Archive Explorer Image path: system32\DRIVERS\timntr.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): TryAndDecideService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Acronis Try And Decide Service Description: Acronis Try And Decide Service Object name: LocalSystem Image path: "C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe" Image size: 492896 Image MD5: BC236BBB0B16049392E020E53F17D04C Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): ts_lb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ts_lb Image path: system32\drivers\ts_lb.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: tcpip Service (registry key): TuneUp.Defrag Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TuneUp Drive Defrag-Dienst Description: Ermöglicht TuneUp Drive Defrag das Defragmentieren von Datenträgern, damit der Computer schneller und effizienter wird. Object name: LocalSystem Image path: C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe Image size: 435016 Image MD5: FAF93BB76E9334A2901D7657C193BE08 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): TuneUp.UtilitiesSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TuneUp Utilities Service Description: Dieser Dienst analysiert im Hintergrund die Nutzung Ihres Computers und ermöglicht die automatische Durchführung von situationsabhängigen Optimierungen. Alle Funktionen können in TuneUp Utilities eingestellt werden. Wenn Sie diesen Dienst stoppen oder deaktivieren, funktionieren Teile von TuneUp Utilities nicht mehr. Object name: LocalSystem Image path: "C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe" Image size: 1021256 Image MD5: 0351843ED98271993C83A5E4407F17FF Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): TuneUpUtilitiesDrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TuneUpUtilitiesDrv Image path: \??\C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): VNUSB Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: VN Series Device Image path: system32\DRIVERS\VNUSB.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): vsmon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TrueVector Internet Monitor Description: Monitors internet traffic and generates alerts for disallowed access. Object name: LocalSystem Image path: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service Image size: 75304 Image MD5: 4ABE946715D5E17C013D70FABB9E9780 Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Depends On services: Afd,RpcSs,CryptSvc,vsdatant Service (registry key): WpdUsb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WpdUsb Image path: System32\Drivers\wpdusb.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): WSIMD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: wsimd Service Image path: system32\DRIVERS\wsimd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): zmolznj Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {067C3C4C-9CA0-42F9-BED5-D9727C772289} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {31E2FEAB-6627-4B2C-BC68-772C38122BAB} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {47BCA449-B1DF-4A95-A022-574A5C21A87E} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {56B569A1-75A5-44FA-A770-3939BBECFF1A} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {8973EB65-5268-4F8E-9DC6-ACA06DDF65D9} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {9FECC5BC-A17F-4F13-8820-1456AFCA3EA8} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {D0B8FED6-E733-46CD-96BE-13FBBE33FA01} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): {E2FA01C2-4D28-4AE0-BCA7-71EA7B6F1335} Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ado2vh5p Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 --- Winsock Layered Service Provider list --- Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Protocol 0: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 16 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll --- Scheduled Tasks list --- Scheduled Task: C:\WINDOWS\Tasks\Automatische Problemsuche.job schedules in: C:\WINDOWS\Tasks\ Exec dir: Filename: C:\Programme\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe Filesize: 316232 File MD5: F0B93A6F16B048CFF9DD4344CD593D50 Parameters: Creator: banana joe Comment: Startet die Automatische Problemsuche zu festgelegten Zeiten Scheduled Task: C:\WINDOWS\Tasks\Google Software Updater.job schedules in: C:\WINDOWS\Tasks\ Exec dir: Filename: C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe Filesize: 183280 File MD5: 5467F1FF0AF264566740F67E8B810735 Parameters: scheduled_start Creator: SYSTEM Comment: Mit Google Updater bleibt Ihre Google-Software stets auf dem neuesten Stand. Wird der Google Updater-Service deaktiviert oder angehalten, so wird Ihre Google-Software nicht mehr aktualisiert, was dazu führen kann, dass etwaige Sicherheitslücken nicht geschlossen werden und bestimmte Funktionen möglicherweise nicht mehr verfügbar sind. Scheduled Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job schedules in: C:\WINDOWS\Tasks\ Exec dir: Filename: C:\Programme\Google\Update\GoogleUpdate.exe Filesize: 133104 File MD5: 626A24ED1228580B9518C01930936DF9 Parameters: /c Creator: SYSTEM Comment: Hält Ihre Google-Software auf dem neuesten Stand. Wenn diese Anwendung deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Diese Anwendung deinstalliert sich selbst, wenn sie nicht von einer Google-Software verwendet wird. Scheduled Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job schedules in: C:\WINDOWS\Tasks\ Exec dir: Filename: C:\Programme\Google\Update\GoogleUpdate.exe Filesize: 133104 File MD5: 626A24ED1228580B9518C01930936DF9 Parameters: /ua /installsource scheduler Creator: SYSTEM Comment: Hält Ihre Google-Software auf dem neuesten Stand. Wenn diese Anwendung deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Diese Anwendung deinstalliert sich selbst, wenn sie nicht von einer Google-Software verwendet wird. --- Browser helper object list --- {000123B4-9B42-4900-B3F7-F4B073EFC214} (btorbit.com) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: btorbit.com CLSID name: Octh Class Path: C:\Programme\Orbitdownloader\ Long name: orbitcth.dll Short name: Date (created): 30.04.2009 21:09:42 Date (last access): 29.12.2009 15:11:38 Date (last write): 26.11.2009 11:03:00 Filesize: 240912 Attributes: archive MD5: 0A15D81452C07B1E8E62D3113433C4C2 CRC32: 018DAFF4 Version: 2.4.0.8 {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: AcroIEHelperStub CLSID name: Adobe PDF Link Helper Path: C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\ Long name: AcroIEHelperShim.dll Short name: ACROIE~2.DLL Date (created): 27.02.2009 13:07:26 Date (last access): 27.12.2009 12:34:06 Date (last write): 27.02.2009 13:07:26 Filesize: 75128 Attributes: archive MD5: 5CF6190CD875DA6B35256FEE573E7908 CRC32: 764BA81B Version: 9.1.0.163 {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} (Winamp Toolbar Loader) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: Winamp Toolbar Loader CLSID name: Winamp Toolbar Loader Path: C:\Programme\Winamp Toolbar\ Long name: winamptb.dll Short name: Date (created): 06.05.2009 15:22:22 Date (last access): 29.12.2009 15:11:38 Date (last write): 06.05.2009 15:22:22 Filesize: 1262888 Attributes: archive MD5: 2A876E86DEF8E955F1D567D4FBC400E1 CRC32: 13FBE9CD Version: 5.1.56.1 {3049C3E9-B461-4BC5-8870-4C09146192CA} (RealPlayer Download and Record Plugin for Internet Explorer) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: RealPlayer Download and Record Plugin for Internet Explorer Path: C:\Programme\RealPlayer\ Long name: rpbrowserrecordplugin.dll Short name: RPBROW~1.DLL Date (created): 17.02.2009 13:02:14 Date (last access): 29.12.2009 15:11:38 Date (last write): 17.02.2009 13:02:14 Filesize: 370296 Attributes: archive MD5: 4D630E9EF94CF8814DFD0E5938230822 CRC32: 02C3DBBF Version: 1.0.0.522 {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (WormRadar.com IESiteBlocker.NavFilter) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: WormRadar.com IESiteBlocker.NavFilter CLSID name: AVG Safe Search Path: C:\Programme\AVG\AVG8\ Long name: avgssie.dll Short name: Date (created): 26.09.2008 21:55:16 Date (last access): 29.12.2009 15:11:38 Date (last write): 20.12.2009 10:38:22 Filesize: 1111320 Attributes: archive MD5: 4343834DFB40CEAB85B0B4D77AFF1718 CRC32: 8CF0A8BE Version: 8.5.0.427 {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Google Toolbar Notifier BHO Path: C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\ Long name: swg.dll Short name: Date (created): 02.05.2009 02:03:58 Date (last access): 29.12.2009 15:11:38 Date (last write): 02.05.2009 02:03:58 Filesize: 668656 Attributes: archive MD5: D1585B06DED161E13B905DC4FFBF7F12 CRC32: 88D5BAA5 Version: 5.1.1309.3572 {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Java(tm) Plug-In 2 SSV Helper Path: C:\Programme\Java\jre6\bin\ Long name: jp2ssv.dll Short name: Date (created): 23.08.2009 22:47:44 Date (last access): 24.11.2009 21:03:08 Date (last write): 11.10.2009 04:17:30 Filesize: 41760 Attributes: archive MD5: C9EDE29F223A27873E187D9FB6045EA6 CRC32: 5951C3E0 Version: 6.0.170.4 {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (JQSIEStartDetectorImpl) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: JQSIEStartDetectorImpl CLSID name: JQSIEStartDetectorImpl Class Path: C:\Programme\Java\jre6\lib\deploy\jqs\ie\ Long name: jqs_plugin.dll Short name: JQS_PL~1.DLL Date (created): 23.08.2009 22:47:46 Date (last access): 24.11.2009 21:03:08 Date (last write): 11.10.2009 04:17:12 Filesize: 73728 Attributes: archive MD5: DEE8F03D1EACE0C8F914A2C76568EA32 CRC32: 53F8F67C Version: 6.0.170.4 {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} (File Search Explorer Band) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ BHO name: CLSID name: File Search Explorer Band Path: %SystemRoot%\system32\ Long name: SHELL32.dll MD5: D41D8CD98F00B204E9800998ECF8427E {EFA24E64-B078-11D0-89E4-00C04FC9E26E} (Explorer-Band) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ BHO name: CLSID name: Explorer-Band Path: %SystemRoot%\system32\ Long name: shdocvw.dll MD5: D41D8CD98F00B204E9800998ECF8427E {3af36230-a269-11d1-b5bf-0000f8051515} (Offlinebrowsingpaket) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: Offlinebrowsingpaket CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {5A8D6EE0-3E18-11D0-821E-444553540000} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} (Microsoft NetShow Player) location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Microsoft NetShow Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 28.12.2009 22:23:00 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {22d6f312-b0f6-11d0-94ab-0080c74c7e95} (Windows Media Player) location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {44BBA842-CC51-11CF-AAFA-00AA00B6015B} () location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA848-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {6BF52A52-394A-11d3-B153-00C04F79FAA6} (Windows Media Player) location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmp.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 14:51:38 Date (last write): 29.10.2007 13:00:00 Filesize: 4874240 Attributes: archive MD5: 40F0D16791405FDC23EF09E3E5009385 CRC32: F3054639 Version: 9.0.0.3250 {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} (Microsoft NetShow Player) location: HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Microsoft NetShow Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {22d6f312-b0f6-11d0-94ab-0080c74c7e95} (Windows Media Player) location: HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {44BBA842-CC51-11CF-AAFA-00AA00B6015B} () location: HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA848-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {6BF52A52-394A-11d3-B153-00C04F79FAA6} (Windows Media Player) location: HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmp.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 14:51:38 Date (last write): 29.10.2007 13:00:00 Filesize: 4874240 Attributes: archive MD5: 40F0D16791405FDC23EF09E3E5009385 CRC32: F3054639 Version: 9.0.0.3250 {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} (Microsoft NetShow Player) location: HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Microsoft NetShow Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {22d6f312-b0f6-11d0-94ab-0080c74c7e95} (Windows Media Player) location: HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {44BBA842-CC51-11CF-AAFA-00AA00B6015B} () location: HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA848-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {6BF52A52-394A-11d3-B153-00C04F79FAA6} (Windows Media Player) location: HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmp.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 14:51:38 Date (last write): 29.10.2007 13:00:00 Filesize: 4874240 Attributes: archive MD5: 40F0D16791405FDC23EF09E3E5009385 CRC32: F3054639 Version: 9.0.0.3250 >{26923b43-4d38-484f-9b9e-de460746276c} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} (Microsoft NetShow Player) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Microsoft NetShow Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {22d6f312-b0f6-11d0-94ab-0080c74c7e95} (Windows Media Player) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {2C7339CF-2B09-4501-B3F3-F3508C9228ED} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA840-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA842-CC51-11CF-AAFA-00AA00B6015B} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA848-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {5945c046-1e7d-11d1-bc44-00c04fd912be} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {6BF52A52-394A-11d3-B153-00C04F79FAA6} (Windows Media Player) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmp.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 14:51:38 Date (last write): 29.10.2007 13:00:00 Filesize: 4874240 Attributes: archive MD5: 40F0D16791405FDC23EF09E3E5009385 CRC32: F3054639 Version: 9.0.0.3250 {73FA19D0-2D75-11D2-995D-00C04F98BBC9} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {7790769C-0471-11d2-AF11-00C04FA35D02} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {89820200-ECBD-11cf-8B85-00AA005B4340} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {89820200-ECBD-11cf-8B85-00AA005B4383} () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} (Microsoft NetShow Player) location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Microsoft NetShow Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {22d6f312-b0f6-11d0-94ab-0080c74c7e95} (Windows Media Player) location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmpdxm.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 15:12:06 Date (last write): 29.10.2007 13:00:00 Filesize: 233472 Attributes: archive MD5: 7E682A6D623DB1E70996D06A2214E1E4 CRC32: 2794EFCD Version: 9.0.0.3250 {44BBA842-CC51-11CF-AAFA-00AA00B6015B} () location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {44BBA848-CC51-11CF-AAFA-00AA00B6015C} () location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {6BF52A52-394A-11d3-B153-00C04F79FAA6} (Windows Media Player) location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ BHO name: CLSID name: Windows Media Player Path: C:\WINDOWS\system32\ Long name: wmp.dll Short name: Date (created): 29.10.2007 13:00:00 Date (last access): 29.12.2009 14:51:38 Date (last write): 29.10.2007 13:00:00 Filesize: 4874240 Attributes: archive MD5: 40F0D16791405FDC23EF09E3E5009385 CRC32: F3054639 Version: 9.0.0.3250 CmdMapping () location: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E CmdMapping () location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Extensions\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E CmdMapping () location: HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\ BHO name: CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {AAA288BA-9A4C-45B0-95D7-94D524869DB5} (WPDShServiceObj) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ BHO name: WPDShServiceObj CLSID name: WPDShServiceObj Class Path: C:\WINDOWS\system32\ Long name: WPDShServiceObj.dll Short name: WPDSHS~1.DLL Date (created): 18.10.2006 21:47:22 Date (last access): 29.12.2009 14:50:48 Date (last write): 18.10.2006 21:47:22 Filesize: 133632 Attributes: MD5: 045E228F71C31901084B64BE59093499 CRC32: A448DC9A Version: 5.2.5721.5145 {00BB2763-6A77-11D0-A535-00C04FD7D062} (Shell Microsoft AutoComplete) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Shell Microsoft AutoComplete CLSID name: Shell Microsoft AutoComplete Path: %SystemRoot%\system32\ Long name: browseui.dll MD5: D41D8CD98F00B204E9800998ECF8427E {30D02401-6A81-11d0-8274-00C04FD5AE38} (IE Search Band) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: IE Search Band CLSID name: IE Search Band Path: %SystemRoot%\system32\ Long name: browseui.dll MD5: D41D8CD98F00B204E9800998ECF8427E {3028902F-6374-48b2-8DC6-9725E775B926} (IE Microsoft AutoComplete) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: IE Microsoft AutoComplete CLSID name: IE Microsoft AutoComplete Path: %SystemRoot%\system32\ Long name: browseui.dll MD5: D41D8CD98F00B204E9800998ECF8427E {EFA24E62-B078-11d0-89E4-00C04FC9E26E} (History Band) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: History Band CLSID name: History Band Path: %SystemRoot%\system32\ Long name: shdocvw.dll MD5: D41D8CD98F00B204E9800998ECF8427E {2F603045-309F-11CF-9774-0020AFD0CFF6} (Synaptics Control Panel) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Synaptics Control Panel CLSID name: Path: C:\Programme\Synaptics\SynTP\ Long name: SynTPCpl.dll Short name: Date (created): 23.06.2008 22:52:52 Date (last access): 26.12.2009 21:52:36 Date (last write): 12.10.2006 11:38:40 Filesize: 872448 Attributes: readonly archive MD5: 2E8F36118056BFFE2517FB15EA4DFDE6 CRC32: DDC4BF1E Version: 9.0.2.0 {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} (XnView Shell Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: XnView Shell Extension CLSID name: XnViewShell Class Path: C:\Programme\XnView\ Long name: XnViewShellExt.dll Short name: XNVIEW~1.DLL Date (created): 07.02.2007 10:26:24 Date (last access): 29.12.2009 02:28:56 Date (last write): 07.02.2007 10:26:24 Filesize: 1003520 Attributes: archive MD5: 4AC86F15E60F6036214B4F55E921924F CRC32: 72EB75C9 Version: 1.5.0.0 {B41DB860-8EE4-11D2-9906-E49FADC173CA} (WinRAR shell extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: WinRAR shell extension CLSID name: WinRAR Path: C:\Programme\WinRAR\ Long name: RarExt.dll Short name: Date (created): 08.08.2008 22:33:24 Date (last access): 29.12.2009 14:57:18 Date (last write): 16.09.2008 19:18:06 Filesize: 132608 Attributes: archive MD5: F11FE030158F8EF14A56A3EA9E9BD47D CRC32: C9FD55A1 Version: 3.80.0.0 {C539A15A-3AF9-4c92-B771-50CB78F5C751} (Acronis True Image Shell Context Menu Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Acronis True Image Shell Context Menu Extension CLSID name: Acronis True Image Shell Context Menu Extension Path: C:\Programme\Acronis\TrueImageHome\ Long name: tishell.dll Short name: Date (created): 09.04.2008 19:21:58 Date (last access): 29.12.2009 14:49:04 Date (last write): 09.04.2008 19:21:58 Filesize: 514328 Attributes: archive MD5: 7307E1F13DF10094CD2CBEEB1463F205 CRC32: CE255AF6 Version: 11.0.0.8101 {C539A15B-3AF9-4c92-B771-50CB78F5C751} (Acronis True Image Shell Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Acronis True Image Shell Extension CLSID name: Acronis True Image Shell Extension Path: C:\Programme\Acronis\TrueImageHome\ Long name: tishell.dll Short name: Date (created): 09.04.2008 19:21:58 Date (last access): 29.12.2009 14:49:04 Date (last write): 09.04.2008 19:21:58 Filesize: 514328 Attributes: archive MD5: 7307E1F13DF10094CD2CBEEB1463F205 CRC32: CE255AF6 Version: 11.0.0.8101 {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} (AVG8 Shell Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: AVG8 Shell Extension CLSID name: AVG8 Shell Extension Class Path: C:\Programme\AVG\AVG8\ Long name: avgse.dll Short name: Date (created): 26.09.2008 21:55:14 Date (last access): 29.12.2009 14:57:20 Date (last write): 18.09.2009 10:55:38 Filesize: 114968 Attributes: archive MD5: EB12E0DC83F6744F4E20F7559C88B89A CRC32: D47CECBD Version: 8.5.0.401 {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} (AVG8 Find Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: AVG8 Find Extension CLSID name: MD5: D41D8CD98F00B204E9800998ECF8427E {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} (Shell Extensions for RealOne Player) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Shell Extensions for RealOne Player CLSID name: RealOne Player Context Menu Class Path: C:\Programme\RealPlayer\ Long name: rpshell.dll Short name: Date (created): 17.02.2009 13:01:52 Date (last access): 14.08.2009 17:32:06 Date (last write): 17.02.2009 13:01:52 Filesize: 63040 Attributes: archive MD5: F8C799BB63C6020BE54E4132E1866BE0 CRC32: 193D49A0 Version: 1.0.1.3001 {D9872D13-7651-4471-9EEE-F0A00218BEBB} (Multiscan) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Multiscan CLSID name: ZLAVShExt Class Path: C:\Programme\Zone Labs\ZoneAlarm\ Long name: zlavscan.dll Short name: Date (created): 23.06.2008 23:43:08 Date (last access): 29.12.2009 14:57:16 Date (last write): 09.07.2008 08:05:12 Filesize: 50664 Attributes: archive MD5: F84503799F785E838D87AE8F08EAE350 CRC32: 0A542523 Version: 7.0.483.0 {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} (OODefrag) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: OODefrag CLSID name: OODShellExtObj Class Path: C:\PROGRA~1\OODEFR~1\ Long name: oodsh.dll Short name: Date (created): 11.05.2005 02:30:40 Date (last access): 29.12.2009 14:57:18 Date (last write): 11.05.2005 02:30:40 Filesize: 376832 Attributes: archive MD5: C24F4537CBFC763AD2D482340B5876F8 CRC32: 1FACEDDA Version: 1.0.1.2596 {44440D00-FF19-4AFC-B765-9A0970567D97} (TuneUp Theme Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: TuneUp Theme Extension CLSID name: TuneUp Theme Extension Path: %SystemRoot%\System32\ Long name: uxtuneup.dll MD5: D41D8CD98F00B204E9800998ECF8427E {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} (TuneUp Shredder Shell Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: TuneUp Shredder Shell Extension CLSID name: TuneUp Shredder Shell Extension Path: C:\Programme\TuneUp Utilities 2010\ Long name: SDShelEx-win32.dll Short name: SDSHEL~1.DLL Date (created): 13.11.2009 09:25:24 Date (last access): 29.12.2009 12:39:46 Date (last write): 13.11.2009 09:25:24 Filesize: 30536 Attributes: archive MD5: 0AC7ACB0FCDAC258ECE3FEC74B53AE96 CRC32: 4C57101A Version: 9.0.2010.9 {4838CD50-7E5D-4811-9B17-C47A85539F28} (TuneUp Disk Space Explorer Shell Extension) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: TuneUp Disk Space Explorer Shell Extension CLSID name: TuneUp Disk Space Explorer Shell Extension Path: C:\Programme\TuneUp Utilities 2010\ Long name: DseShExt-x86.dll Short name: DSESHE~1.DLL Date (created): 13.11.2009 09:25:08 Date (last access): 28.12.2009 13:08:54 Date (last write): 13.11.2009 09:25:08 Filesize: 26440 Attributes: archive MD5: F63BF5F3FDF08C57FA39B01DC1FB87A8 CRC32: 9DB8D7FC Version: 9.0.2010.9 {35786D3C-B075-49b9-88DD-029876E11C01} (Portable Devices) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Portable Devices CLSID name: Portable Devices Path: %SystemRoot%\system32\ Long name: wpdshext.dll MD5: D41D8CD98F00B204E9800998ECF8427E {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} (Portable Devices Menu) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ BHO name: Portable Devices Menu CLSID name: Portable Devices Menu Path: %SystemRoot%\system32\ Long name: wpdshext.dll MD5: D41D8CD98F00B204E9800998ECF8427E --- Browser helper object list --- {CFBFAE00-17A6-11D0-99CB-00C04FD64497} (Microsoft Url Sucheingriff) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\ BHO name: CLSID name: Microsoft Url Sucheingriff Path: %SystemRoot%\system32\ Long name: shdocvw.dll MD5: D41D8CD98F00B204E9800998ECF8427E {01E04581-4EEE-11D0-BFE9-00AA005B4383} (&Adresse) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ BHO name: CLSID name: &Adresse Path: %SystemRoot%\system32\ Long name: browseui.dll MD5: D41D8CD98F00B204E9800998ECF8427E {C55BBCD6-41AD-48AD-9953-3609C48EACC7} (Grab Pro) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ BHO name: CLSID name: Grab Pro Path: C:\Programme\Orbitdownloader\ Long name: GrabPro.dll Short name: Date (created): 30.04.2009 21:09:42 Date (last access): 02.12.2009 13:20:52 Date (last write): 26.11.2009 11:03:00 Filesize: 662720 Attributes: archive MD5: 604ACE62FF8139CED938792D9AD88D4F CRC32: 739F8BB8 Version: 1.0.0.17 {0E5CBF21-D15F-11D0-8301-00AA005B4383} (&Links) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ BHO name: CLSID name: &Links Path: %SystemRoot%\system32\ Long name: SHELL32.dll MD5: D41D8CD98F00B204E9800998ECF8427E {01E04581-4EEE-11D0-BFE9-00AA005B4383} (&Adresse) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ BHO name: CLSID name: &Adresse Path: %SystemRoot%\system32\ Long name: browseui.dll MD5: D41D8CD98F00B204E9800998ECF8427E {0E5CBF21-D15F-11D0-8301-00AA005B4383} (&Links) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ BHO name: CLSID name: &Links Path: %SystemRoot%\system32\ Long name: SHELL32.dll MD5: D41D8CD98F00B204E9800998ECF8427E {C55BBCD6-41AD-48AD-9953-3609C48EACC7} (Grab Pro) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ BHO name: CLSID name: Grab Pro Path: C:\Programme\Orbitdownloader\ Long name: GrabPro.dll Short name: Date (created): 30.04.2009 21:09:42 Date (last access): 29.12.2009 15:12:08 Date (last write): 26.11.2009 11:03:00 Filesize: 662720 Attributes: archive MD5: 604ACE62FF8139CED938792D9AD88D4F CRC32: 739F8BB8 Version: 1.0.0.17 {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} (Winamp Toolbar) location: HKEY_USERS\S-1-5-21-606747145-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\ BHO name: CLSID name: Winamp Toolbar Path: C:\Programme\Winamp Toolbar\ Long name: winamptb.dll Short name: Date (created): 06.05.2009 15:22:22 Date (last access): 29.12.2009 15:11:38 Date (last write): 06.05.2009 15:22:22 Filesize: 1262888 Attributes: archive MD5: 2A876E86DEF8E955F1D567D4FBC400E1 CRC32: 13FBE9CD Version: 5.1.56.1 --- ActiveX list --- {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_17 Installer: Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab Path: C:\Programme\Java\jre6\bin\ Long name: npjpi160_17.dll Short name: NPJPI1~1.DLL Date (created): 11.10.2009 02:14:36 Date (last access): 11.10.2073 04:18:30 Date (last write): 11.10.2009 04:17:30 Filesize: 136992 Attributes: archive MD5: 3D58770680F268A23A8CE1F14B49AA2F CRC32: 6091A816 Version: 6.0.170.4 {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} () DPF name: CLSID name: Installer: Codebase: MD5: D41D8CD98F00B204E9800998ECF8427E {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_17 Installer: Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab Path: C:\Programme\Java\jre6\bin\ Long name: npjpi160_17.dll Short name: NPJPI1~1.DLL Date (created): 11.10.2009 02:14:36 Date (last access): 29.12.2009 15:12:08 Date (last write): 11.10.2009 04:17:30 Filesize: 136992 Attributes: archive MD5: 3D58770680F268A23A8CE1F14B49AA2F CRC32: 6091A816 Version: 6.0.170.4 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_17 Installer: Codebase: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab Path: C:\Programme\Java\jre6\bin\ Long name: npjpi160_17.dll Short name: NPJPI1~1.DLL Date (created): 11.10.2009 02:14:36 Date (last access): 29.12.2009 15:12:08 Date (last write): 11.10.2009 04:17:30 Filesize: 136992 Attributes: archive MD5: 3D58770680F268A23A8CE1F14B49AA2F CRC32: 6091A816 Version: 6.0.170.4 --- ActiveX list --- |
|
| Themen zu nerviger virus/trojaner, downadup? |
| adobe, antiwpa, avg, avg free, bho, computer, downadup, einstellungen, excel, explorer, fehler, festplatte, free download, google, gupdate, hijack-this, hijackthis, hkus\s-1-5-18, hotkey, internet, internet explorer, jwgkvsq.vmx, löschen, microsoft, monitor, nerviger virus/trojaner, neu aufsetzen, neustart, notebook, plug-in, pop-ups, programme, registry, server, software, studio, virus/trojaner, windows xp |
Linear-Darstellung
