zu 1: (das mit volume nicht löschen kam zu spät) -soll ich noch mal anfangen? Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Datenbank Version: v2012.02.06.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: *** [Administrator]
08.02.2012 18:36:36
mbam-log-2012-02-08 (18-36-36).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 360087
Laufzeit: 1 Stunde(n), 10 Minute(n), 30 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 6
D:\System Volume Information\_restore{09325496-3B6D-45E0-AC3B-6991FBA2284E}\RP215\A0064896.exe (Trojan.VUPX.ON1) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\System Volume Information\_restore{09325496-3B6D-45E0-AC3B-6991FBA2284E}\RP215\A0064897.exe (Trojan.VUPX.ON1) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\System Volume Information\_restore{09325496-3B6D-45E0-AC3B-6991FBA2284E}\RP215\A0064898.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\System Volume Information\_restore{09325496-3B6D-45E0-AC3B-6991FBA2284E}\RP215\A0064899.exe (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\TDSSKiller_Quarantine\07.02.2012_19.53.19\rtkt0000\svc0000\tsk0000.dta (Virus.RLoader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\TDSSKiller_Quarantine\07.02.2012_19.53.19\rtkt0001\svc0000\tsk0000.dta (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) zu2: Code:
aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-08 20:13:42
-----------------------------
20:13:42.418 OS Version: Windows 5.1.2600 Service Pack 3
20:13:42.418 Number of processors: 2 586 0xF0B
20:13:42.418 ComputerName: *** UserName: whw
20:13:43.090 Initialize success
20:14:59.638 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-16
20:14:59.654 Disk 0 Vendor: WDC_WD3200BEVT-63ZCT0 11.01A11 Size: 305245MB BusType: 3
20:14:59.654 Disk 0 MBR read successfully
20:14:59.669 Disk 0 MBR scan
20:14:59.669 Disk 0 Windows XP default MBR code
20:14:59.669 Disk 0 Partition 1 80 (A) 06 FAT16 MSDOS5.0 502 MB offset 63
20:14:59.669 Disk 0 Partition - 00 0F Extended LBA 152115 MB offset 1028160
20:14:59.669 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 39997 MB offset 1028223
20:14:59.669 Disk 0 Partition - 00 05 Extended 517 MB offset 82943595
20:14:59.685 Disk 0 Partition 3 00 82 Linux swap 517 MB offset 82943658
20:14:59.685 Disk 0 Partition - 00 05 Extended 10009 MB offset 165919320
20:14:59.700 Disk 0 Partition 4 00 83 Linux 10009 MB offset 84003948
20:14:59.700 Disk 0 Partition - 00 05 Extended 2047 MB offset 187478550
20:14:59.841 Disk 0 Partition 5 00 06 FAT16 2047 MB offset 104502888
20:14:59.872 Disk 0 Partition - 00 05 Extended 10009 MB offset 212170455
20:14:59.872 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 10009 MB offset 108695853
20:14:59.872 Disk 0 Partition - 00 05 Extended 10009 MB offset 236862360
20:14:59.888 Disk 0 Partition 7 00 07 HPFS/NTFS NTFS 10009 MB offset 129194793
20:14:59.888 Disk 0 Partition - 00 05 Extended 20002 MB offset 277860240
20:14:59.919 Disk 0 Partition 8 00 07 HPFS/NTFS NTFS 20002 MB offset 149693733
20:14:59.919 Disk 0 Partition - 00 05 Extended 20002 MB offset 339324930
20:14:59.935 Disk 0 Partition 9 00 07 HPFS/NTFS NTFS 20002 MB offset 190659483
20:14:59.950 Disk 0 scanning sectors +312560640
20:15:00.060 Disk 0 scanning D:\WINDOWS\system32\drivers
20:15:03.576 File: D:\WINDOWS\system32\drivers\afd.sys **SUSPICIOUS**
20:15:07.326 Disk 0 trace - called modules:
20:15:07.326 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xba2abfc0]<<
20:15:07.341 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83f1fab8]
20:15:07.341 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> [0x83876340]
20:15:07.341 \Driver\00000773[0x838be960] -> IRP_MJ_CREATE -> 0xba2abfc0
20:15:07.341 Scan finished successfully
20:16:02.905 Disk 0 MBR has been saved successfully to "D:\Dokumente und Einstellungen\whw\Desktop\MBR.dat"
20:16:02.905 The log file has been saved successfully to "D:\Dokumente und Einstellungen\whw\Desktop\aswMBR2.txt"
aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-08 20:16:20
-----------------------------
20:16:20.155 OS Version: Windows 5.1.2600 Service Pack 3
20:16:20.155 Number of processors: 2 586 0xF0B
20:16:20.155 ComputerName: *** UserName: ***
20:16:20.577 Initialize success
20:16:33.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-16
20:16:33.796 Disk 0 Vendor: WDC_WD3200BEVT-63ZCT0 11.01A11 Size: 305245MB BusType: 3
20:16:33.796 Disk 0 MBR read successfully
20:16:33.796 Disk 0 MBR scan
20:16:33.796 Disk 0 Windows XP default MBR code
20:16:33.796 Disk 0 Partition 1 80 (A) 06 FAT16 MSDOS5.0 502 MB offset 63
20:16:33.796 Disk 0 Partition - 00 0F Extended LBA 152115 MB offset 1028160
20:16:33.811 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 39997 MB offset 1028223
20:16:33.811 Disk 0 Partition - 00 05 Extended 517 MB offset 82943595
20:16:33.827 Disk 0 Partition 3 00 82 Linux swap 517 MB offset 82943658
20:16:33.827 Disk 0 Partition - 00 05 Extended 10009 MB offset 165919320
20:16:33.843 Disk 0 Partition 4 00 83 Linux 10009 MB offset 84003948
20:16:33.843 Disk 0 Partition - 00 05 Extended 2047 MB offset 187478550
20:16:33.858 Disk 0 Partition 5 00 06 FAT16 2047 MB offset 104502888
20:16:33.858 Disk 0 Partition - 00 05 Extended 10009 MB offset 212170455
20:16:33.874 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 10009 MB offset 108695853
20:16:33.874 Disk 0 Partition - 00 05 Extended 10009 MB offset 236862360
20:16:33.889 Disk 0 Partition 7 00 07 HPFS/NTFS NTFS 10009 MB offset 129194793
20:16:33.889 Disk 0 Partition - 00 05 Extended 20002 MB offset 277860240
20:16:33.905 Disk 0 Partition 8 00 07 HPFS/NTFS NTFS 20002 MB offset 149693733
20:16:33.905 Disk 0 Partition - 00 05 Extended 20002 MB offset 339324930
20:16:33.921 Disk 0 Partition 9 00 07 HPFS/NTFS NTFS 20002 MB offset 190659483
20:16:33.936 Disk 0 scanning sectors +312560640
20:16:33.968 Disk 0 scanning D:\WINDOWS\system32\drivers
20:16:37.280 File: D:\WINDOWS\system32\drivers\afd.sys **SUSPICIOUS**
20:16:41.015 Disk 0 trace - called modules:
20:16:41.030 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xba2abfc0]<<
20:16:41.030 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83f1fab8]
20:16:41.030 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> [0x83876340]
20:16:41.030 \Driver\00000773[0x838be960] -> IRP_MJ_CREATE -> 0xba2abfc0
20:16:41.030 Scan finished successfully
20:17:07.265 Disk 0 MBR has been saved successfully to "D:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
20:17:07.281 The log file has been saved successfully to "D:\Dokumente und Einstellungen\***\Desktop\aswMBR2.txt" edit:
zu3
OTL Logfile: Code:
OTL logfile created on: 08.02.2012 20:44:02 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = D:\mnt\source
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,70% Memory free
4,91 Gb Paging File | 4,48 Gb Available in Paging File | 91,26% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 501,73 Mb Total Space | 68,54 Mb Free Space | 13,66% Space Free | Partition Type: FAT
Drive D: | 39,06 Gb Total Space | 7,55 Gb Free Space | 19,33% Space Free | Partition Type: NTFS
Drive G: | 3,73 Gb Total Space | 3,44 Gb Free Space | 92,06% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.06 22:36:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\mnt\source\OTL.exe
PRC - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.06.23 23:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) -- D:\Programme\Digidesign\Drivers\MMERefresh.exe
PRC - [2010.06.21 18:23:10 | 001,923,592 | ---- | M] (M-Audio) -- D:\Programme\M-Audio\MobilePre\AudioDevMon.exe
PRC - [2010.06.17 20:56:44 | 000,370,176 | ---- | M] (shbox.de) -- D:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.12.18 01:31:52 | 001,551,712 | ---- | M] (Nullsoft) -- D:\Programme\Winamp\winamp.exe
PRC - [2009.06.18 08:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) -- D:\Programme\PDF Complete\pdfsvc.exe
PRC - [2008.09.01 08:43:40 | 000,241,136 | ---- | M] () -- D:\Programme\NTP\bin\ntpd.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2002.10.30 16:09:50 | 000,073,728 | ---- | M] (Intel Corporation) -- D:\WINDOWS\system32\PROMon.exe
PRC - [2002.05.03 11:36:24 | 001,118,208 | ---- | M] (Intel Corporation) -- D:\WINDOWS\system32\NMSSvc.Exe
========== Modules (No Company Name) ==========
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- D:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- D:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.06 05:45:17 | 000,623,104 | ---- | M] () -- D:\Programme\Winamp\System\jnetlib.w5s
MOD - [2011.04.06 05:45:17 | 000,288,768 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_local.dll
MOD - [2011.04.06 05:45:17 | 000,237,056 | ---- | M] () -- D:\Programme\Winamp\System\aacPlusDecoder.w5s
MOD - [2011.04.06 05:45:17 | 000,212,480 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_pmp.dll
MOD - [2011.04.06 05:45:17 | 000,174,080 | ---- | M] () -- D:\Programme\Winamp\System\auth.w5s
MOD - [2011.04.06 05:45:17 | 000,154,624 | ---- | M] () -- D:\Programme\Winamp\System\jpeg.w5s
MOD - [2011.04.06 05:45:17 | 000,121,344 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_online.dll
MOD - [2011.04.06 05:45:17 | 000,115,200 | ---- | M] () -- D:\Programme\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.04.06 05:45:17 | 000,113,152 | ---- | M] () -- D:\Programme\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.04.06 05:45:17 | 000,090,112 | ---- | M] () -- D:\Programme\Winamp\System\xml.w5s
MOD - [2011.04.06 05:45:17 | 000,084,992 | ---- | M] () -- D:\Programme\Winamp\System\png.w5s
MOD - [2011.04.06 05:45:17 | 000,083,968 | ---- | M] () -- D:\Programme\Winamp\tataki.dll
MOD - [2011.04.06 05:45:17 | 000,083,968 | ---- | M] () -- D:\Programme\Winamp\System\playlist.w5s
MOD - [2011.04.06 05:45:17 | 000,081,920 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_playlists.dll
MOD - [2011.04.06 05:45:17 | 000,061,952 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_plg.dll
MOD - [2011.04.06 05:45:17 | 000,050,688 | ---- | M] () -- D:\Programme\Winamp\Plugins\out_ds.dll
MOD - [2011.04.06 05:45:17 | 000,050,176 | ---- | M] () -- D:\Programme\Winamp\Plugins\pmp_usb.dll
MOD - [2011.04.06 05:45:17 | 000,047,616 | ---- | M] () -- D:\Programme\Winamp\zlib.dll
MOD - [2011.04.06 05:45:17 | 000,035,840 | ---- | M] () -- D:\Programme\Winamp\System\timer.w5s
MOD - [2011.04.06 05:45:17 | 000,033,280 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_rg.dll
MOD - [2011.04.06 05:45:17 | 000,031,232 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_transcode.dll
MOD - [2011.04.06 05:45:17 | 000,022,016 | ---- | M] () -- D:\Programme\Winamp\Plugins\out_disk.dll
MOD - [2011.04.06 05:45:17 | 000,021,504 | ---- | M] () -- D:\Programme\Winamp\System\tagz.w5s
MOD - [2011.04.06 05:45:17 | 000,020,992 | ---- | M] () -- D:\Programme\Winamp\Plugins\pmp_njb.dll
MOD - [2011.04.06 05:45:17 | 000,019,456 | ---- | M] () -- D:\Programme\Winamp\System\gif.w5s
MOD - [2011.04.06 05:45:17 | 000,018,432 | ---- | M] () -- D:\Programme\Winamp\Plugins\out_wave.dll
MOD - [2011.04.06 05:45:17 | 000,018,432 | ---- | M] () -- D:\Programme\Winamp\System\bmp.w5s
MOD - [2011.04.06 05:45:17 | 000,016,384 | ---- | M] () -- D:\Programme\Winamp\System\gracenote.w5s
MOD - [2011.04.06 05:45:17 | 000,014,336 | ---- | M] () -- D:\Programme\Winamp\System\filereader.w5s
MOD - [2011.04.06 05:45:17 | 000,014,336 | ---- | M] () -- D:\Programme\Winamp\System\dlmgr.w5s
MOD - [2011.04.06 05:45:17 | 000,013,824 | ---- | M] () -- D:\Programme\Winamp\System\primo.w5s
MOD - [2011.04.06 05:45:16 | 000,311,808 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_wm.dll
MOD - [2011.04.06 05:45:16 | 000,284,160 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_mp3.dll
MOD - [2011.04.06 05:45:16 | 000,217,088 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_vorbis.dll
MOD - [2011.04.06 05:45:16 | 000,198,144 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_disc.dll
MOD - [2011.04.06 05:45:16 | 000,162,304 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_mod.dll
MOD - [2011.04.06 05:45:16 | 000,107,008 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_midi.dll
MOD - [2011.04.06 05:45:16 | 000,102,400 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_cdda.dll
MOD - [2011.04.06 05:45:16 | 000,074,240 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_nsv.dll
MOD - [2011.04.06 05:45:16 | 000,074,240 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_dshow.dll
MOD - [2011.04.06 05:45:16 | 000,066,560 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_avi.dll
MOD - [2011.04.06 05:45:16 | 000,057,344 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_flac.dll
MOD - [2011.04.06 05:45:16 | 000,053,248 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_impex.dll
MOD - [2011.04.06 05:45:16 | 000,048,640 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_mkv.dll
MOD - [2011.04.06 05:45:16 | 000,048,128 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_history.dll
MOD - [2011.04.06 05:45:16 | 000,044,032 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_mp4.dll
MOD - [2011.04.06 05:45:16 | 000,041,984 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_flv.dll
MOD - [2011.04.06 05:45:16 | 000,028,672 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_autotag.dll
MOD - [2011.04.06 05:45:16 | 000,023,040 | ---- | M] () -- D:\Programme\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.04.06 05:45:16 | 000,023,040 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_swf.dll
MOD - [2011.04.06 05:45:16 | 000,016,384 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_wave.dll
MOD - [2011.04.06 05:45:16 | 000,007,168 | ---- | M] () -- D:\Programme\Winamp\Plugins\in_linein.dll
MOD - [2011.04.06 05:45:15 | 001,735,680 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_ff.dll
MOD - [2011.04.06 05:45:15 | 000,304,640 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_ml.dll
MOD - [2011.04.06 05:45:15 | 000,245,760 | ---- | M] () -- D:\Programme\Winamp\libsndfile.dll
MOD - [2011.04.06 05:45:15 | 000,212,480 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.04.06 05:45:15 | 000,076,288 | ---- | M] () -- D:\Programme\Winamp\nde.dll
MOD - [2011.04.06 05:45:15 | 000,057,344 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_orgler.dll
MOD - [2011.04.06 05:45:15 | 000,052,224 | ---- | M] () -- D:\Programme\Winamp\nsutil.dll
MOD - [2011.04.06 05:45:15 | 000,026,624 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.04.06 05:45:15 | 000,024,064 | ---- | M] () -- D:\Programme\Winamp\Plugins\gen_tray.dll
MOD - [2010.06.17 20:56:52 | 000,116,224 | ---- | M] () -- D:\WINDOWS\system32\redmonnt.dll
MOD - [2009.08.23 18:58:06 | 000,094,208 | ---- | M] () -- D:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2008.06.20 17:02:46 | 000,247,296 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008.06.20 17:02:46 | 000,247,296 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2007.10.26 08:04:40 | 000,068,080 | ---- | M] () -- D:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\DLLShared\dlaapi_w.dll
MOD - [2007.09.20 17:34:58 | 000,129,024 | ---- | M] () -- D:\Programme\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- D:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.06.23 23:40:36 | 000,077,824 | ---- | M] (Avid Technology, Inc..) [Auto | Running] -- D:\Programme\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010.06.21 18:23:10 | 001,923,592 | ---- | M] (M-Audio) [Auto | Running] -- D:\Programme\M-Audio\MobilePre\AudioDevMon.exe -- (MobilePreIIAudioDevMon)
SRV - [2009.06.18 08:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- D:\Programme\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008.10.24 14:35:44 | 000,128,296 | ---- | M] () [On_Demand | Stopped] -- D:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.09.01 08:43:40 | 000,241,136 | ---- | M] () [Auto | Running] -- D:\Programme\NTP\bin\ntpd.exe -- (NTP)
SRV - [2008.04.14 13:00:00 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- D:\WINDOWS\system32\s217mgmt.dll -- (symsecureport)
SRV - [2002.05.03 11:36:24 | 001,118,208 | ---- | M] (Intel Corporation) [Auto | Running] -- D:\WINDOWS\system32\NMSSvc.Exe -- (NMSSvc) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2011.08.17 13:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 13:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.08.17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.03.18 12:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011.03.18 12:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2011.02.11 22:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010.12.18 12:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- D:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010.06.21 18:23:00 | 000,454,792 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\MAudioMobilePreII.sys -- (MAUSBMOBILEPREII)
DRV - [2009.12.23 10:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009.11.19 13:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.09.18 13:32:06 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.23 10:31:38 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008.06.06 08:15:40 | 000,098,816 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2008.04.14 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 23:15:34 | 000,011,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2008.03.28 10:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2007.10.26 09:05:30 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007.10.26 09:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.10.26 09:04:56 | 000,093,584 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.10.26 09:04:52 | 000,098,480 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.10.26 09:04:50 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.10.26 09:04:50 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.10.26 09:04:46 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.10.26 09:04:44 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.07.23 13:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.07.23 13:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2003.11.04 12:30:06 | 000,025,294 | ---- | M] (CANON INC.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\CNMFWC.sys -- (CNMFWC)
DRV - [2003.10.24 01:07:38 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002.05.03 11:36:44 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NMSCFG.SYS -- (NMSCFG)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A 50 4E BB F9 E4 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.heise.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.4
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.6
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.70
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153
FF - prefs.js..extensions.enabledItems: 2020Player_IKEA@2020Technologies.com:5.0.7.0
FF - prefs.js..extensions.enabledItems: fe_3.6@nokia.com:1.7.56.205
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 81
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: D:\Programme\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: D:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: D:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_3.6@nokia.com: D:\Programme\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2011.11.21 17:36:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: D:\Programme\Mozilla Firefox\components [2011.12.28 10:38:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.12.22 12:55:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.19\Extensions\\Components: D:\Programme\mozilla.org\SeaMonkey\Components [2011.07.02 10:54:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.19\Extensions\\Plugins: D:\Programme\mozilla.org\SeaMonkey\Plugins [2011.04.24 19:18:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: D:\Programme\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011.11.21 17:36:50 | 000,000,000 | ---D | M]
[2011.04.11 20:58:28 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2011.04.11 20:58:28 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2012.02.03 20:58:57 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions
[2012.01.08 18:00:43 | 000,000,000 | ---D | M] (FlashGot) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2011.07.24 18:41:48 | 000,000,000 | ---D | M] (Flashblock) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012.01.08 18:00:41 | 000,000,000 | ---D | M] (NoScript) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012.01.08 18:00:42 | 000,000,000 | ---D | M] (Adblock Plus) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.04.11 20:58:25 | 000,000,000 | ---D | M] (BlockSite) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011.07.02 09:44:17 | 000,000,000 | ---D | M] (User Agent Switcher) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2011.04.11 20:58:27 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\2020Player@2020Technologies.com
[2011.09.22 18:05:27 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\2020Player_IKEA@2020Technologies.com
[2012.01.08 18:00:43 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\elemhidehelper@adblockplus.org
[2011.10.18 22:48:58 | 000,000,000 | ---D | M] ("Exif Viewer") -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\exif_viewer@mozilla.doslash.org
[2011.04.11 20:58:27 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vsxd5krh.default\extensions\fsonlinescanner@f-secure.com
[2011.04.11 20:58:14 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Profiles\muc00653\psv2qcsl.slt\extensions
[2011.04.11 20:58:14 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Profiles\muc00653\psv2qcsl.slt\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}
[2012.02.03 21:08:53 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2011.08.22 06:07:15 | 000,000,000 | ---D | M] (Click to call with Skype) -- D:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.04.06 22:37:05 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.10.09 07:48:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.11.21 17:36:50 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- D:\PROGRAMME\NOKIA\NOKIA SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION_3.6
[2012.01.23 13:24:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.04.11 21:08:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.18 01:31:54 | 000,063,488 | ---- | M] (Nullsoft) -- D:\Programme\mozilla firefox\plugins\npwachk.dll
[2011.09.13 19:08:08 | 000,001,392 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.13 19:08:08 | 000,002,344 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.13 19:08:08 | 000,006,805 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.13 19:08:08 | 000,001,178 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.13 19:08:08 | 000,001,105 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [APSDaemon] D:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DigidesignMMERefresh] D:\Programme\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc..)
O4 - HKLM..\Run: [FreePDF Assistant] D:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [PROMon.exe] D:\WINDOWS\System32\PROMon.exe (Intel Corporation)
O4 - HKCU..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Programme\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70F35C8C-A678-4D72-8BD6-3FC50C093773}: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) -D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.01.30 22:56:52 | 000,000,732 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT ]
O32 - AutoRun File - [2000.09.02 08:56:14 | 000,000,745 | ---- | M] () - C:\autoexec.bak -- [ FAT ]
O32 - AutoRun File - [2000.07.26 22:02:32 | 000,000,710 | ---- | M] () - C:\autoexec.dos -- [ FAT ]
O32 - AutoRun File - [2000.08.01 23:47:20 | 000,000,778 | ---- | M] () - C:\autoexec.pss -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.08 20:16:17 | 004,733,440 | ---- | C] (AVAST Software) -- D:\Dokumente und Einstellungen\***\Desktop\aswMBR.exe
[2012.02.07 19:57:48 | 000,000,000 | ---D | C] -- D:\TDSSKiller_Quarantine
[2012.02.07 19:53:17 | 002,060,336 | ---- | C] (Kaspersky Lab ZAO) -- D:\Dokumente und Einstellungen\***\Desktop\TDSSKiller.exe
[2012.02.07 07:41:08 | 000,000,000 | ---D | C] -- D:\Programme\ESET
[2012.02.06 08:44:11 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun
[2012.02.06 08:08:07 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2012.02.06 08:08:04 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2012.01.23 13:25:19 | 000,000,000 | -HSD | C] -- D:\Config.Msi
[2012.01.22 19:15:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2012.01.22 19:15:49 | 000,000,000 | ---D | C] -- D:\Programme\MSBuild
[2012.01.22 19:15:48 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2012.01.22 19:15:42 | 000,000,000 | ---D | C] -- D:\Programme\Reference Assemblies
[2012.01.22 19:15:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xpssvcs.dll
[2012.01.22 19:15:20 | 001,676,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xpssvcs.dll
[2012.01.22 19:15:20 | 000,597,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2012.01.22 19:15:20 | 000,575,488 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2012.01.22 19:15:20 | 000,117,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\prntvpt.dll
[2012.01.22 19:15:20 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2012.01.22 19:15:20 | 000,000,000 | ---D | C] -- D:\a0d2243c27e3ff2b71
[2012.01.22 19:10:39 | 000,000,000 | ---D | C] -- D:\Programme\iPhoneBrowser
[2012.01.22 19:10:39 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iPhoneBrowser
[2012.01.22 11:16:34 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\libimobiledevice
[2012.01.22 11:04:07 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2012.01.22 11:04:06 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Apple Computer
[2012.01.22 11:04:00 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2012.01.22 11:03:59 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- D:\WINDOWS\System32\GEARAspi.dll
[2012.01.22 11:03:17 | 000,000,000 | ---D | C] -- D:\Programme\iPod
[2012.01.22 11:03:13 | 000,000,000 | ---D | C] -- D:\Programme\iTunes
[2012.01.22 11:03:13 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2012.01.22 11:03:13 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.01.22 11:03:01 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Apple
[2012.01.22 11:03:00 | 000,000,000 | ---D | C] -- D:\Programme\Apple Software Update
[2012.01.22 11:02:57 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[2012.01.22 11:02:51 | 004,517,664 | ---- | C] (Apple, Inc.) -- D:\WINDOWS\System32\usbaaplrc.dll
[2012.01.22 11:02:15 | 000,000,000 | ---D | C] -- D:\Programme\Bonjour
[2012.01.22 11:02:00 | 000,000,000 | ---D | C] -- D:\Programme\Gemeinsame Dateien\Apple
[2012.01.22 11:02:00 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.08 20:17:07 | 000,000,512 | ---- | M] () -- D:\Dokumente und Einstellungen\***\Desktop\MBR.dat
[2012.02.08 19:58:03 | 000,054,016 | ---- | M] () -- D:\WINDOWS\System32\drivers\xnqjiweo.sys
[2012.02.08 19:54:10 | 000,001,084 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.08 18:06:32 | 000,012,598 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012.02.08 18:06:27 | 000,001,080 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.08 18:05:59 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012.02.08 06:58:26 | 000,460,664 | ---- | M] () -- D:\WINDOWS\System32\perfh007.dat
[2012.02.08 06:58:26 | 000,442,602 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012.02.08 06:58:26 | 000,085,396 | ---- | M] () -- D:\WINDOWS\System32\perfc007.dat
[2012.02.08 06:58:26 | 000,071,868 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012.02.08 06:46:19 | 000,057,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\redbook.sys
[2012.02.07 20:22:00 | 000,000,484 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.02.07 19:58:56 | 000,009,592 | ---- | M] () -- D:\WINDOWS\mozver.dat
[2012.02.07 15:15:44 | 002,060,336 | ---- | M] (Kaspersky Lab ZAO) -- D:\Dokumente und Einstellungen\***\Desktop\TDSSKiller.exe
[2012.02.07 07:53:44 | 000,004,804 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.02.07 07:01:29 | 000,000,000 | -HS- | M] () -- D:\WINDOWS\System32\dds_trash_log.cmd
[2012.02.06 21:50:03 | 004,733,440 | ---- | M] (AVAST Software) -- D:\Dokumente und Einstellungen\***\Desktop\aswMBR.exe
[2012.02.06 09:30:50 | 000,001,000 | ---- | M] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\sptd.reg
[2012.02.06 07:59:06 | 000,000,756 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.06 07:51:42 | 006,157,039 | ---- | M] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\history.rtf
[2012.02.06 07:16:36 | 000,064,013 | ---- | M] () -- D:\Dokumente und Einstellungen\***\.recently-used.xbel
[2012.02.02 16:00:05 | 000,000,424 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Dokumente\Verknüpfung mit Eigene Dateien.lnk
[2012.01.23 13:27:04 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2012.01.22 21:30:17 | 000,144,424 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012.01.22 18:49:46 | 000,000,600 | ---- | M] () -- D:\Dokumente und Einstellungen\***\PUTTY.RND
[2012.01.22 12:51:50 | 695,604,079 | ---- | M] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\NO_BB_OLDROM_iPhone2,1_5.0_9A334_Restore.ipsw
[2012.01.22 12:33:03 | 701,195,503 | ---- | M] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\iPhone2,1_5.0_9A334_Restore.ipsw
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.08 19:58:03 | 000,054,016 | ---- | C] () -- D:\WINDOWS\System32\drivers\xnqjiweo.sys
[2012.02.06 22:08:08 | 000,000,512 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Desktop\MBR.dat
[2012.02.06 09:30:50 | 000,001,000 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\sptd.reg
[2012.02.06 07:59:06 | 000,000,756 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.06 07:51:42 | 006,157,039 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\history.rtf
[2012.02.06 07:36:56 | 000,000,000 | -HS- | C] () -- D:\WINDOWS\System32\dds_trash_log.cmd
[2012.02.06 07:16:36 | 000,064,013 | ---- | C] () -- D:\Dokumente und Einstellungen\***\.recently-used.xbel
[2012.02.02 16:00:05 | 000,000,424 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Dokumente\Verknüpfung mit Eigene Dateien.lnk
[2012.01.22 12:50:59 | 695,604,079 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\NO_BB_OLDROM_iPhone2,1_5.0_9A334_Restore.ipsw
[2012.01.22 12:48:19 | 701,195,503 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Eigene Dateien\iPhone2,1_5.0_9A334_Restore.ipsw
[2012.01.22 11:03:00 | 000,001,830 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Apple Software Update.lnk
[2011.07.26 06:22:53 | 000,217,088 | ---- | C] () -- D:\WINDOWS\System32\qtmlClient.dll
[2011.07.18 18:50:53 | 000,003,776 | ---- | C] () -- D:\WINDOWS\System32\fxsperf.ini
[2011.06.23 09:10:39 | 000,000,002 | ---- | C] () -- D:\WINDOWS\tm.ini
[2011.06.14 21:51:09 | 000,044,544 | ---- | C] () -- D:\WINDOWS\System32\Gif89.dll
[2011.05.29 09:49:27 | 000,003,260 | ---- | C] () -- D:\WINDOWS\System32\d3d8caps.dat
[2011.05.08 12:10:42 | 000,004,804 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2011.04.15 20:44:13 | 000,116,224 | ---- | C] () -- D:\WINDOWS\System32\redmonnt.dll
[2011.04.15 20:44:13 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\unredmon.exe
[2011.04.13 06:14:45 | 000,000,064 | ---- | C] () -- D:\WINDOWS\System32\rp_stats.dat
[2011.04.13 06:14:45 | 000,000,044 | ---- | C] () -- D:\WINDOWS\System32\rp_rules.dat
[2011.04.12 19:48:30 | 000,000,054 | ---- | C] () -- D:\WINDOWS\setihome.ini
[2011.04.12 07:16:34 | 000,000,232 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2011.04.12 07:07:21 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\CNMVS5x.DLL
[2011.04.11 21:50:09 | 000,000,035 | ---- | C] () -- D:\WINDOWS\InfModM.ini
[2011.04.11 21:06:58 | 000,127,488 | ---- | C] () -- D:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.11 20:42:27 | 000,220,944 | ---- | C] () -- D:\WINDOWS\SeaMonkeyUninstall.exe
[2011.04.11 20:42:20 | 000,118,784 | ---- | C] () -- D:\WINDOWS\GREUninstall.exe
[2011.04.11 20:42:20 | 000,009,592 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2011.04.06 05:35:14 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v5016.dll
[2011.04.05 20:44:10 | 000,000,335 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2011.04.05 20:01:59 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2011.04.05 20:00:45 | 000,144,424 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.05 19:12:11 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2011.04.05 19:07:29 | 000,021,740 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2008.04.14 13:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2008.04.14 13:00:00 | 000,460,664 | ---- | C] () -- D:\WINDOWS\System32\perfh007.dat
[2008.04.14 13:00:00 | 000,442,602 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2008.04.14 13:00:00 | 000,269,480 | ---- | C] () -- D:\WINDOWS\System32\perfi007.dat
[2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2008.04.14 13:00:00 | 000,085,396 | ---- | C] () -- D:\WINDOWS\System32\perfc007.dat
[2008.04.14 13:00:00 | 000,071,868 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2008.04.14 13:00:00 | 000,034,478 | ---- | C] () -- D:\WINDOWS\System32\perfd007.dat
[2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2008.04.14 13:00:00 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2008.04.14 13:00:00 | 000,004,461 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2002.03.26 07:36:48 | 000,069,632 | ---- | C] () -- D:\WINDOWS\System32\PROInst.dll
[2002.02.06 08:04:14 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\NMSInst.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- D:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2011.04.12 06:03:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2011.04.11 21:46:27 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Anwendungsdaten
[2011.04.12 06:03:23 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2011.04.12 07:16:34 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonCP
[2011.04.15 20:44:12 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2011.04.24 21:34:58 | 000,000,000 | -HSD | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HHD Software Hex Editor 4
[2011.11.21 17:36:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.11.21 17:21:13 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011.07.26 06:53:45 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy
[2011.04.28 20:29:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PassMark
[2011.11.21 17:38:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012.02.04 06:46:14 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PDFC
[2012.01.22 11:03:58 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.04.11 20:58:48 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\AAV
[2011.04.11 20:58:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\ASAP Utilities
[2011.04.11 20:58:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\com.adobe.example.avatarAirApplication.199ED43C2CFEB351CD0244628B93195D7C58F98C.1
[2011.07.26 07:01:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Digidesign
[2011.12.03 21:23:08 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\ESBCalc
[2012.01.22 20:18:36 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
[2011.06.14 20:54:32 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Flash Undelete Software
[2011.11.17 21:52:58 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Foxit Software
[2011.04.11 20:58:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\FRISK Software
[2012.01.15 23:38:05 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\gtk-2.0
[2011.04.11 20:58:46 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\HSETU
[2011.04.11 20:58:45 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Leadertech
[2011.04.12 20:35:08 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\LibreOffice
[2011.04.11 20:58:28 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\MobileAction
[2011.11.21 17:43:08 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Nokia
[2011.11.21 17:43:09 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Nokia Suite
[2011.04.11 20:55:37 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\PC Suite
[2011.04.11 20:55:35 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Shareaza
[2011.04.11 20:55:28 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\***\Anwendungsdaten\Wireshark
[2012.02.07 20:22:00 | 000,000,484 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 8380 bytes -> D:\Dokumente und Einstellungen\***\Eigene Dateien\Hausdach.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7380 bytes -> D:\Dokumente und Einstellungen\***\Desktop\Schwimmbeck Hausgeräte und Service GmbH.URL:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6368 bytes -> D:\Dokumente und Einstellungen\***\Desktop\antrag2005_fes_stand_08_05.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6296 bytes -> D:\Dokumente und Einstellungen\***\Desktop\Einladung 45.Geburtstag.Geburtstag.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5496 bytes -> D:\Dokumente und Einstellungen\***\Desktop\SDIM1399.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 48 bytes -> D:\Dokumente und Einstellungen\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 4504 bytes -> D:\Dokumente und Einstellungen\***\Desktop\Handbremsklötze Voyager.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4008 bytes -> D:\Dokumente und Einstellungen\***\Desktop\foerderrichtlinien_fes-1.pdf:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 16756 bytes -> D:\Dokumente und Einstellungen\***\Desktop\monitortest.bmp:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 13940 bytes -> D:\Dokumente und Einstellungen\***\Desktop\Campingplatz Seewiese.URL:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 1223 bytes -> D:\Programme\WindowsUpdate:NsSJ8uSt7jjD6GiakbXGfKV0
@Alternate Data Stream - 1214 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft:G7uOsGqLT9TlGjKNalsc9EQ
@Alternate Data Stream - 1183 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft:UF6VKtLfbx5A1kiJvTaVPQ3
@Alternate Data Stream - 1167 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft:6k2YZJXNQhlPMq91ookcrhdi0J6qq
@Alternate Data Stream - 1151 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft:pOZIboR0l8kv9yYb30
@Alternate Data Stream - 1143 bytes -> D:\Programme\Outlook Express:OeAy2al2ITkF9gkTBhcREVEjTRJY
@Alternate Data Stream - 10504 bytes -> D:\Dokumente und Einstellungen\***\Desktop\Whois.Net.URL:Q30lsldxJoudresxAaaqpcawXc
< End of report > --- --- ---
extra.txt
OTL Logfile: Code:
OTL Extras logfile created on: 08.02.2012 20:44:02 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = D:\mnt\source
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,70% Memory free
4,91 Gb Paging File | 4,48 Gb Available in Paging File | 91,26% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 501,73 Mb Total Space | 68,54 Mb Free Space | 13,66% Space Free | Partition Type: FAT
Drive D: | 39,06 Gb Total Space | 7,55 Gb Free Space | 19,33% Space Free | Partition Type: NTFS
Drive G: | 3,73 Gb Total Space | 3,44 Gb Free Space | 92,06% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = MozillaHTML] -- D:\Programme\mozilla.org\SeaMonkey\seamonkey.exe (mozilla.org)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- D:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE -osint -url "%1" (mozilla.org)
https [open] -- D:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE -osint -url "%1" (mozilla.org)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5900:TCP" = 5900:TCP:*:Enabled:vnc5900
"5800:TCP" = 5800:TCP:*:Enabled:vnc5800
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\UltraVNC\winvnc.exe" = D:\Programme\UltraVNC\winvnc.exe:*:Enabled:winvnc.exe -- (UltraVNC)
"D:\Programme\UltraVNC\vncviewer.exe" = D:\Programme\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
"D:\Programme\Shareaza\Shareaza.exe" = D:\Programme\Shareaza\Shareaza.exe:*:Enabled:Shareaza -- (Shareaza Development Team)
"D:\Programme\Google\Google Earth\client\googleearth.exe" = D:\Programme\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"D:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = D:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18189552-78C0-11DF-AE5E-CBF1DED72085}" = M-Audio MobilePre Driver 1.0.4 (x86)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{371F27A1-9502-4762-AE97-1C1938B21055}" = Avid Pro Tools SE 8.0.3
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EC5D2BB-C70D-4A1E-9E0E-384568CA5E97}" = Intel(R) PRO Intelligent Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AAA00C4-26E6-4EC0-8069-955B0A9D6009}" = Intel(R) Network Connections 15.2.89.2
"{7BB045C3-D5E4-4620-B536-DC11AACD5942}" = Broadcom Management Programs
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A367C28-423C-48E2-8C76-EBA1171F932A}" = Adobe Photoshop Album 2.0
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Küchenplaner
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoplus
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE518445-0054-44F8-8315-2AD45BF3701E}" = Raw Therapee V4.0.4.2 x86
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DBBE5C26-72B7-4E01-950D-86BDE35918ED}" = Embedded Security for HP ProtectTools Driver
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E8C23EBE-EE3C-4299-9DB9-601AB3751454}" = AAVUpdateManager
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0A55445-B637-4CEA-A580-A8FC6954130D}" = HP Client Management Interface Providers
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"BurnInTest_is1" = BurnInTest v6.0 Pro
"CANONBJ_Deinstall_CNMCP5x.DLL" = Canon i9950
"ESBCalc6_is1" = ESBCalc
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.2.7.1
"FotoLook3DeinstKey" = Agfa FotoLook 3.60.00
"Foxit Reader_is1" = Foxit Reader 5.1
"FreeCommander_is1" = FreeCommander 2009.02b
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HECI" = Intel(R) Management Engine Interface
"Horlands Scan2Pdf_is1" = Horland's Scan2Pdf
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"Logoi Hellenikoi_is1" = Logoi Hellenikoi Version 1.1
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"Nmap" = Nmap 5.51
"Nokia Suite" = Nokia Suite
"NTP" = Network Time Protocol
"PDF Complete" = PDF Complete Special Edition
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SeaMonkey (1.1.19)" = SeaMonkey (1.1.19)
"Shareaza_is1" = Shareaza Version 2.2.1.0
"SP46137" = HP Softpaq SP46137
"SpeedFan" = SpeedFan (remove only)
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.11
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"Wireshark" = Wireshark 0.99.7
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Hex Editor Neo 4.97
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 08.02.2012 15:13:38 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 0.de.pool.ntp.org
Error - 08.02.2012 15:13:38 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 1.de.pool.ntp.org
Error - 08.02.2012 15:13:38 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 2.de.pool.ntp.org
Error - 08.02.2012 15:13:38 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 1.nl.pool.ntp.org
Error - 08.02.2012 15:13:38 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 2.uk.pool.ntp.org
Error - 08.02.2012 15:29:40 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 0.de.pool.ntp.org
Error - 08.02.2012 15:29:40 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 1.de.pool.ntp.org
Error - 08.02.2012 15:29:40 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 2.de.pool.ntp.org
Error - 08.02.2012 15:29:40 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 1.nl.pool.ntp.org
Error - 08.02.2012 15:29:40 | Computer Name = *** | Source = NTP | ID = 1
Description = Address not found for 2.uk.pool.ntp.org
[ System Events ]
Error - 08.02.2012 01:55:52 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 01:55:52 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 01:55:52 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 02:14:25 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
Error - 08.02.2012 13:07:40 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
Fehler beendet: %%127
< End of report > --- --- ---
[/code] |