OTL Logfile: Code:
OTL logfile created on: 6/20/2011 5:36:40 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78.13 Gb Total Space | 38.19 Gb Free Space | 48.89% Space Free | Partition Type: NTFS
Drive E: | 38.29 Gb Total Space | 31.26 Gb Free Space | 81.64% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/06/19 04:54:12 | 003,435,096 | ---- | M] () [Auto] -- C:\Programme\Gemeinsame Dateien\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/02/18 10:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/11/18 18:29:00 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2010/04/06 15:23:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/05 16:22:13 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/21 13:28:24 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/03 07:45:11 | 000,296,400 | ---- | M] () [Auto] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2008/11/03 19:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/20 16:18:26 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 07:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2006/03/25 12:17:26 | 000,278,613 | ---- | M] (Atheros) [Auto] -- C:\WINDOWS\system32\acs.exe -- (ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (VcommMgr)
DRV - File not found [Kernel | On_Demand] -- -- (VComm)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Boot] -- -- (BTHidMgr)
DRV - File not found [Kernel | Boot] -- -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand] -- -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand] -- -- (BT)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletAudio)
DRV - [2010/12/17 17:18:39 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/12/07 17:13:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/06/21 13:28:25 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/24 06:03:56 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/13 18:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007/12/20 06:05:02 | 000,554,240 | R--- | M] (DiBcom SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700) Cinergy DT USB XS Diversity (MKII)
DRV - [2007/10/25 19:20:36 | 000,549,184 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/07/11 05:06:20 | 000,013,824 | R--- | M] (DiBcom S.A.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC) Cinergy DT USB XS Diversity (MKII)
DRV - [2007/01/16 15:51:28 | 001,957,376 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/11/03 03:32:30 | 004,394,496 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/08/14 05:40:24 | 000,027,776 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002)
DRV - [2006/05/18 15:46:16 | 000,110,976 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006/05/09 05:21:54 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/05/09 04:33:54 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006/04/19 07:57:44 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/03/21 17:04:24 | 000,889,472 | R--- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/03/16 04:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 04:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/08/01 10:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 12:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/02/17 17:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/01/06 07:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Amelie_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\Amelie_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKU\Amelie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Amelie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/ig?source=gama&hl=de"
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.1.5
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/05/11 04:26:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/05/11 04:26:08 | 000,000,000 | ---D | M]
[2009/05/11 09:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Extensions
[2011/06/19 07:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions
[2010/04/28 09:07:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/07 11:38:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/08/03 13:53:23 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/07 11:38:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions\engine@conduit.com
[2011/06/19 07:27:24 | 000,000,000 | ---D | M] (Zotero) -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\mozilla\Firefox\Profiles\4le70vqj.default\extensions\zotero@chnm.gmu.edu
[2010/08/03 16:05:43 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\Mozilla\Firefox\Profiles\4le70vqj.default\searchplugins\conduit.xml
[2011/05/08 11:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010/11/21 18:49:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\AMELIE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\4LE70VQJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010/11/21 18:49:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/08 11:43:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010/11/21 18:49:29 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/08 11:43:52 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011/05/08 11:43:52 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011/05/08 11:43:52 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011/05/08 11:43:52 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011/05/08 11:43:52 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011/05/08 11:43:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/05/13 05:38:08 | 000,249,967 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8710 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKU\Amelie_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BrStsWnd] C:\Programme\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [Control Center] C:\Programme\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Programme\Wireless Console 2\wcourier.exe ()
O4 - HKU\Amelie_ON_C..\Run: [] File not found
O4 - HKU\Amelie_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Amelie_ON_C..\Run: [Remote Control Editor] C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe (Elgato Systems)
O4 - HKU\Amelie_ON_C..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\Amelie_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Amelie\Startmenü\Programme\Autostart\Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Amelie_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Amelie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242108942015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Amelie\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FSVFOC9M\info[1].exe) - C:\Dokumente und Einstellungen\Amelie\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FSVFOC9M\info[1].exe (BitDefender)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/11 06:44:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{64c8d901-0534-11e0-b664-001d6008faf7}\Shell\AutoRun\command - "" = F:\Rebit\sbin\Seagate-Replica-Autorun.exe
O33 - MountPoints2\{64c8d901-0534-11e0-b664-001d6008faf7}\Shell\Install\command - "" = F:\Rebit\sbin\Seagate-Replica-Autorun.exe
O33 - MountPoints2\{8adc9af2-cd30-11de-b43e-001d6008faf7}\Shell\AutoRun\command - "" = G:\Menu.exe
O33 - MountPoints2\{fc490414-b60f-11df-b601-001d6008faf7}\Shell - "" = AutoRun
O33 - MountPoints2\{fc490414-b60f-11df-b601-001d6008faf7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fc490414-b60f-11df-b601-001d6008faf7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/20 10:02:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/20 10:02:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 09:28:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/19 11:16:00 | 000,001,214 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1364589140-1177238915-1003UA.job
[2011/06/19 04:54:52 | 000,000,313 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2011/06/07 16:23:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/06 05:16:00 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1364589140-1177238915-1003Core.job
[2011/06/02 03:52:52 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2011/05/30 15:55:31 | 000,012,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Amelie\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/25 07:42:27 | 000,268,879 | ---- | M] () -- C:\Dokumente und Einstellungen\Amelie\Desktop\acceptanceAmelieWerkhausen.jpg
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/25 07:42:27 | 000,268,879 | ---- | C] () -- C:\Dokumente und Einstellungen\Amelie\Desktop\acceptanceAmelieWerkhausen.jpg
[2011/01/24 18:24:31 | 000,186,240 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010/05/06 04:42:12 | 000,056,004 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/15 11:30:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/23 07:52:52 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/10/23 07:52:52 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2140.DAT
[2009/10/22 14:49:58 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009/10/22 14:49:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/10/22 14:49:43 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009/10/22 14:49:42 | 000,009,853 | ---- | C] () -- C:\WINDOWS\HL-2140.INI
[2009/10/22 14:40:56 | 000,000,313 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/08/09 14:31:13 | 000,012,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Amelie\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/05 16:26:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/06/29 09:23:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2009/06/29 09:13:02 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2009/05/12 02:12:53 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/05/11 09:40:25 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2009/05/11 09:40:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2009/05/11 09:39:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/11 08:04:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/05/11 07:48:27 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/05/11 07:48:27 | 000,145,112 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/05/11 07:34:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/11 07:32:58 | 002,139,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/11 07:11:29 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/05/11 07:11:19 | 000,000,553 | R--- | C] () -- C:\WINDOWS\System32\drivers\AW1012d.ini
[2009/05/11 07:06:57 | 000,537,600 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2009/05/11 07:06:57 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2009/05/11 07:06:57 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2009/05/11 06:59:48 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2009/05/11 06:47:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/11 06:41:02 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/14 02:06:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 01:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/09/02 08:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 15:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,452,554 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/08/04 07:00:00 | 000,435,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,081,316 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/08/04 07:00:00 | 000,068,490 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/20 11:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 08:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2009/05/13 07:58:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\Canneverbe_Limited
[2010/12/17 17:29:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\DAEMON Tools Lite
[2010/08/03 13:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/02/14 06:40:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\PriceGong
[2009/06/21 14:25:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\TeamViewer
[2009/08/06 06:48:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\TerraTec
[2010/05/29 16:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\Uniblue
[2010/03/07 06:15:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amelie\Anwendungsdaten\Verbindungsassistent
[2009/05/13 05:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2009/06/29 07:10:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2010/12/17 17:18:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2011/01/10 18:14:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rosetta Stone
[2011/06/01 04:50:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009/08/06 06:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec
[2010/05/05 13:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/20 05:23:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/20 06:44:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:24051EFF
< End of report >
--- --- ---
So vielen, vielen Dank es scheint wohl wieder alles zu laufen. Die moved files.rar darf ich aber nicht als anhang posten, weil rar dateien nicht zugelassen sind. |
