sweetboy200 | 06.07.2012 13:30 | Extra TXT von OtlOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 06.07.2012 13:59:01 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Dokumente und Einstellungen\Magda\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,01% Memory free
3,85 Gb Paging File | 3,31 Gb Available in Paging File | 86,14% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 149,69 Gb Free Space | 64,28% Space Free | Partition Type: NTFS
Computer Name: MAGDA-JB6XZUWSQ | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiSpywareOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1542:TCP" = 1542:TCP:*:Enabled:Realtek WPS TCP Prot
"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot
"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Dokumente und Einstellungen\Magda\Eigene Dateien\uTorrent-1.-6.1-Build-489.exe" = C:\Dokumente und Einstellungen\Magda\Eigene Dateien\uTorrent-1.-6.1-Build-489.exe:*:Enabled:µTorrent
"C:\Dokumente und Einstellungen\Magda\Desktop\uTorrent-1.-6.1-Build-489.exe" = C:\Dokumente und Einstellungen\Magda\Desktop\uTorrent-1.-6.1-Build-489.exe:*:Enabled:µTorrent -- ()
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Microsoft Office\Office14\GROOVE.EXE" = C:\Programme\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
"C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Temp\KMSAct\Pack\Keygen\Keygen.exe" = C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Temp\KMSAct\Pack\Keygen\Keygen.exe:*:Enabled:Keygen -- ()
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\Proxy Switcher Standard\ProxySwitcher.exe" = C:\Programme\Proxy Switcher Standard\ProxySwitcher.exe:*:Enabled:Proxy Switcher
"C:\Programme\MultiProxy\MProxy.exe" = C:\Programme\MultiProxy\MProxy.exe:*:Enabled:MultiProxy personal proxy server -- (MishkinSoft, hxxp://www.multiproxy.org)
"C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software)
"C:\Programme\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Programme\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}" = ICQ Sparberater
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0D8AA092-1319-40CD-99ED-47B89C52CB2B}" = MAGIX Speed burnR (MSI)
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2FB1052B-2F3D-48CE-A65D-006240516ECE}_is1" = Office 2010 Trial Extender
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52809086-618D-4F0B-8BF1-B75A5BB817A4}" = Sony Ericsson PC Suite
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{534803A0-780C-4011-AB72-DAAB0CB82FD6}" = O&O FormatRecovery
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{5AEDCB07-25E3-4136-BE1E-BB2A2944355D}" = Game Graphic Studio
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{782EA0FD-66F8-4D0F-957F-27BF3B4425FC}" = Bloom
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = REALTEK Wireless LAN Driver and Utility
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B5B6D8-DE44-44A3-90C4-8C07A1E0FAD4}" = WBFS Manager 2.5
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B7E01095-8BAA-456E-8AED-504C3CCADBA0}" = Nero 11
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BD2DA092-F254-43D0-9683-DD09840315C4}" = WISO EÜR & Kasse 2012
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK USB Wireless LAN Driver and Utility
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C549017A-FFAB-4679-9112-26E83DD82DB5}" = Enterprise
"{C82C515A-CAE3-44B3-B5CC-81C5E4A92E8F}" = Nero Prerequisite Installer 1.0
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D47A1E08-B59C-4003-A2A0-DA645FA00DEA}" = MAGIX Screenshare
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DB9E4EAB-2717-499F-8D56-4CC8A644AB60}" = MPlayer für Windows (Full Package)
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips
"{E77FF215-69B6-475A-82D7-27E3FDF7D252}" = MAGIX Video Pro X3 Download-Version
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Medion Flash XL
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC3DCCA5-52FE-4BAB-B495-F3760767E4D1}" = O&O DiskRecovery
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1662586483718b296340b07084c1fddc" = Pastry Passion
"76b63e7fe0fc8747db2c74e2b5aec244" = Vacation Quest(TM) - The Hawaiian Islands
"8bb8fd233eaf13fb316b23cd49bd13cb" = Pet Shop Hop(TM)
"a8f1d0bcd4b9b29c92d0e8dc4789ae27" = SKIP-BO Castaway Caper(TM)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Debut" = Debut Video Capture Software
"ef0fb31eaa5898fd24dc211df0834426" = Spooky Mall
"Free YouTube Download_is1" = Free YouTube Download version 2.10.33.324
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.0.2
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.9.0
"MAGIX_MSI_Videodeluxe17_pro" = MAGIX Video Pro X3 Download-Version
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Farm Life 2 1.00" = My Farm Life 2 1.00
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.00.1467" = Opera 12.00
"PhotoScape" = PhotoScape
"SCLS" = MSU Screen Capture Lossless Codec v1.2 (Remove Only)
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.9.0
"Veetle TV" = Veetle TV 0.9.18
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.1.7
"VLMC" = VideoLAN Movie Creator
"VobSub" = VobSub v2.23 (Remove Only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 beta 4 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"YouTube Downloader App" = YouTube Downloader App 3.00
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.07.2012 04:55:45 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 10
Description = Ereignisfilter mit Abfrage "SELECT * FROM RaWLANMessageEvent" konnte
im Namespace "//./ROOT/WMI" nicht (re-)aktiviert werden aufgrund des Fehlers 0x80041010.
Ereignisse können möglicherweise nicht durch diesen Filter geschickt werden, bis
dieses Problem gelöst ist.
Error - 04.07.2012 04:55:45 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 10
Description = Ereignisfilter mit Abfrage "SELECT * FROM RaWLANMessageEvent where
InstanceName = "802.11 USB Wireless LAN Card"" konnte im Namespace "//./ROOT/WMI"
nicht (re-)aktiviert werden aufgrund des Fehlers 0x80041010. Ereignisse können möglicherweise
nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error - 04.07.2012 05:05:12 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 10
Description = Ereignisfilter mit Abfrage "SELECT * FROM RaWLANMessageEvent" konnte
im Namespace "//./ROOT/WMI" nicht (re-)aktiviert werden aufgrund des Fehlers 0x80041010.
Ereignisse können möglicherweise nicht durch diesen Filter geschickt werden, bis
dieses Problem gelöst ist.
Error - 04.07.2012 05:59:08 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 4
Description = .MOF.Datei C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF
konnte während der Wiederherstellung der Repositorydatei nicht geladen werden.
Error - 04.07.2012 05:59:08 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 4
Description = .MOF.Datei C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF konnte
während der Wiederherstellung der Repositorydatei nicht geladen werden.
Error - 04.07.2012 05:59:09 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 4
Description = .MOF.Datei C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION
FOUNDATION\SERVICEMODEL.MOF konnte während der Wiederherstellung der Repositorydatei
nicht geladen werden.
Error - 04.07.2012 05:59:10 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 4
Description = .MOF.Datei C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF
konnte während der Wiederherstellung der Repositorydatei nicht geladen werden.
Error - 04.07.2012 05:59:11 | Computer Name = MAGDA-JB6XZUWSQ | Source = WinMgmt | ID = 4
Description = .MOF.Datei C:\76C32DAD402F3CF9EAC68C38C35798\I386\LICWMI.MOF konnte
während der Wiederherstellung der Repositorydatei nicht geladen werden.
Error - 06.07.2012 03:34:53 | Computer Name = MAGDA-JB6XZUWSQ | Source = Userenv | ID = 1512
Description = Die Registrierungsdatei konnte nicht entladen werden. Der für die
Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dies wird oft
durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen
Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
Wenden Sie sich an den Netzwerkadministrator, wenn das Problem weiterhin besteht.
Details - Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.
Error - 06.07.2012 06:09:57 | Computer Name = MAGDA-JB6XZUWSQ | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
[ System Events ]
Error - 06.07.2012 06:08:02 | Computer Name = MAGDA-JB6XZUWSQ | Source = DCOM | ID = 10010
Description = Der Server "{9B1F122C-2982-4E91-AA8B-E071D54F2A4D}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "BlueSoleil Hid Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FABS - Helping agent for MAGIX media database" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LEC TranslateDotNet Server" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vToolbarUpdater11.1.0" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst X10
Device Network Service.
Error - 06.07.2012 06:08:30 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7000
Description = Der Dienst "X10 Device Network Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 06.07.2012 06:09:56 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
Error - 06.07.2012 06:09:56 | Computer Name = MAGDA-JB6XZUWSQ | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BTHidMgr ElbyCDIO
Error - 06.07.2012 06:11:57 | Computer Name = MAGDA-JB6XZUWSQ | Source = DCOM | ID = 10010
Description = Der Server "{03CA98D6-FF5D-49B8-ABC6-03DD84127020}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report > --- --- ---
und die Otl TXT.
OTL Logfile: Code:
OTL logfile created on: 06.07.2012 13:59:01 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Dokumente und Einstellungen\Magda\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,01% Memory free
3,85 Gb Paging File | 3,31 Gb Available in Paging File | 86,14% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 149,69 Gb Free Space | 64,28% Space Free | Partition Type: NTFS
Computer Name: MAGDA-JB6XZUWSQ | User Name: Magda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.06 13:56:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Magda\Desktop\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.18 13:16:02 | 000,096,768 | ---- | M] (Freemake) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012.06.16 12:30:57 | 000,874,384 | ---- | M] (Opera Software) -- C:\Programme\Opera\opera.exe
PRC - [2012.06.16 12:30:57 | 000,800,656 | ---- | M] (Opera Software) -- C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe
PRC - [2012.04.04 07:53:56 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.09.23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
PRC - [2011.06.01 22:44:15 | 001,546,640 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011.04.11 10:41:00 | 001,044,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Programme\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.07.04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Programme\Unlocker\UnlockerAssistant.exe
PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.08.19 10:55:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\Ralink\Common\RaRegistry.exe
PRC - [2007.03.29 14:22:04 | 000,786,432 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
PRC - [2006.08.02 10:54:00 | 000,684,032 | ---- | M] (VIA Technologies, Inc.) -- C:\Programme\VIAudioi\HDADeck\HDeck.exe
PRC - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
PRC - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.06 10:12:39 | 001,781,248 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12070600\algo.dll
MOD - [2012.07.05 21:14:14 | 001,781,248 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12070501\algo.dll
MOD - [2012.06.14 03:30:37 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2516a49d10f4418f72e1c25f691815a8\System.ServiceProcess.ni.dll
MOD - [2012.06.14 03:30:25 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\909306caa69b55ffdce3ae5a7f6baa20\System.Configuration.Install.ni.dll
MOD - [2012.05.10 03:38:47 | 001,859,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\1126dc2c152098ec23d4554405217184\System.Web.Services.ni.dll
MOD - [2012.05.10 03:38:30 | 017,996,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\5be1370b1331393f73af710d0d71b02d\System.ServiceModel.ni.dll
MOD - [2012.05.10 03:35:08 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a40c42510e312339018486b1d7076e0a\System.Runtime.DurableInstancing.ni.dll
MOD - [2012.05.10 03:35:06 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\9115e9f656b00fc4e46da91537ef1358\SMDiagnostics.ni.dll
MOD - [2012.05.10 03:35:05 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
MOD - [2012.05.10 03:10:15 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
MOD - [2012.05.10 03:10:11 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll
MOD - [2012.05.10 03:10:05 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll
MOD - [2012.05.10 03:09:56 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
MOD - [2012.05.10 03:09:42 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.04.04 07:54:04 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU
MOD - [2011.11.23 09:33:03 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.07.04 23:32:36 | 000,004,608 | ---- | M] () -- C:\Programme\Unlocker\UnlockerHook.dll
MOD - [2010.07.04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Programme\Unlocker\UnlockerAssistant.exe
MOD - [2009.12.09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Programme\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2007.07.12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Programme\REALTEK\11n USB Wireless LAN Utility\acAuth.dll
MOD - [2006.10.26 22:30:12 | 000,131,072 | R--- | M] () -- C:\Programme\REALTEK USB Wireless LAN Driver and Utility\EnumDevLib.dll
MOD - [2006.10.22 13:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2005.07.20 04:53:04 | 000,966,765 | R--- | M] () -- C:\Programme\REALTEK USB Wireless LAN Driver and Utility\acAuth.dll
MOD - [2004.08.04 00:57:26 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
MOD - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - File not found [Auto | Stopped] -- C:\Programme\Power Translator 12\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe /DisableUI -- (Fabs)
SRV - File not found [Auto | Stopped] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.06.18 13:16:02 | 000,096,768 | ---- | M] (Freemake) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012.06.16 17:59:51 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.09.23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.03.31 18:06:55 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.08.19 10:55:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Programme\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2001.11.12 15:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] -- System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.09.09 18:50:06 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011.07.13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011.07.13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2011.05.09 17:54:02 | 000,904,680 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.09.15 15:09:22 | 000,779,136 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009.04.21 16:31:10 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2007.02.08 18:46:00 | 000,209,152 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2006.10.27 18:18:00 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006.10.27 18:18:00 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006.09.18 16:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.09.18 16:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.09.18 16:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.09.18 16:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.18 16:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.09.18 16:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.09.18 16:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.08.02 10:54:00 | 000,137,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (HdAudAddService)
DRV - [2006.04.28 16:34:00 | 000,882,688 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005.11.28 12:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005.11.21 07:48:21 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={ADEDAB5B-D470-4E11-8164-B106A48AA728}&mid=947ddedc843447d09bd9d1565958edcd-b9d74365be10560b1ed3ef72a75f5b02b133f19d&lang=de&ds=od011&pr=sa&d=2012-04-29 20:59:46&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3214568
IE - HKCU\..\SearchScopes\{D743CDBF-C0B2-45B9-AC39-CC580B5C5860}: "URL" = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,105,0_0,Search,20110209,16991,0,6,0
IE - HKCU\..\SearchScopes\{E95191F7-FB51-4B45-AB8A-A6C4DD4BAF72}: "URL" = hxxp://search.softonic.com/MON00016/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=98.248.192.55:5047;http=98.248.192.55:5047;https=98.248.192.55:5047
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "FreeMake Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3214568&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {B728AB94-9BC7-49b7-B76A-422BB31B2FD0}:2.0.0.8
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3228034&SearchSource=2&q="
FF - prefs.js..network.proxy.MM3ProxySwitch.type: 0
FF - prefs.js..network.proxy.http: "109.205.113.118"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\GEMEIN~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.04.27 14:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Programme\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2011.03.02 14:48:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.07.06 07:58:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.16 17:59:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.27 14:43:24 | 000,000,000 | ---D | M]
[2011.07.27 12:07:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Extensions
[2011.05.16 18:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.23 19:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions
[2011.02.26 13:11:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.28 20:12:29 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.07.27 12:06:54 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.02.26 15:41:27 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.20 11:32:48 | 000,000,000 | ---D | M] (FreeMake Community Toolbar) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{adca5064-9e30-43fe-9856-58b07a3149fe}
[2012.03.29 21:20:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.27 20:06:12 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.06.18 14:42:24 | 000,000,000 | ---D | M] (softonic.com) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\ffxtlbra@softonic.com
[2012.06.07 08:13:41 | 000,000,000 | ---D | M] (MM3-ProxySwitch) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\extensions\ProxySwitch@MM3Tools.com
[2012.06.14 16:03:04 | 000,000,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\conduit.xml
[2012.07.01 21:22:18 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-1.xml
[2012.02.18 11:57:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-2.xml
[2012.02.29 17:38:59 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-3.xml
[2012.04.29 21:00:22 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-4.xml
[2012.06.07 16:11:38 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-5.xml
[2012.06.16 18:00:14 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-6.xml
[2012.06.20 11:50:45 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin-7.xml
[2012.01.31 09:06:19 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\icqplugin.xml
[2011.06.19 19:42:35 | 000,005,117 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\search.xml
[2011.07.27 12:06:40 | 000,002,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\SearchResults.xml
[2012.02.01 14:59:45 | 000,002,060 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Mozilla\Firefox\Profiles\03h8zxh7.default\searchplugins\softonic.xml
[2012.02.29 17:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.21 15:34:17 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de
[2012.06.23 19:53:49 | 000,015,979 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MAGDA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\03H8ZXH7.DEFAULT\EXTENSIONS\ELITEPROXYSWITCHER@MY-PROXY.COM.XPI
[2011.08.17 20:08:58 | 000,025,939 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MAGDA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\03H8ZXH7.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI
[2012.06.16 17:59:52 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.02.16 16:17:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.14 03:42:58 | 000,003,768 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.02.22 21:17:00 | 000,002,046 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2011.07.27 12:06:40 | 000,002,501 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3214568
CHR - default_search_provider: suggest_url = Suche
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\GEMEIN~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Programme\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Programme\Veetle\plugins\npVeetle.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: FreeMake = C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\2.3.15.10_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.02.23 11:06:46 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (ICQ Sparberater) - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Programme\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Programme\Iminent\SearchTheWeb\Iminent.Notifier.exe File not found
O4 - HKLM..\Run: [MPlayerForWindows_UpdateReminder] C:\Programme\MPlayer für Windows\AutoUpdate.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Programme\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Programme\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk = C:\Programme\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Programme\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK USB Wireless LAN Utility.lnk = C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFBCF5E6-5632-4B4C-8156-ED86C0912841}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.21 14:42:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Duden Korrektor SysTray - hkey= - key= - File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroCheck - hkey= - key= - File not found
MsConfig - StartUpReg: SAOB Monitor - hkey= - key= - File not found
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.06 13:56:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Magda\Desktop\OTL.exe
[2012.07.06 12:04:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\REALTEK 11n USB Wireless LAN Utility
[2012.07.06 12:03:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012.07.06 12:03:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RtlGina
[2012.07.06 12:03:24 | 000,000,000 | ---D | C] -- C:\Programme\REALTEK
[2012.07.06 10:03:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.07.06 09:17:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Malwarebytes
[2012.07.06 09:17:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.05 21:13:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Startmenü\Programme\HiJackThis
[2012.07.05 21:13:02 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2012.07.05 13:05:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Desktop\Ice.Age.4.Voll.verschoben.TS.LD.German.XViD-AOE
[2012.07.04 22:51:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.07.04 11:22:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.07.04 10:21:41 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012.07.04 10:21:41 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012.07.04 10:21:41 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012.07.04 10:20:44 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012.07.04 08:19:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\WINDOWS
[2012.07.04 08:19:23 | 000,000,000 | ---D | C] -- C:\Programme\Realtek Sound Manager
[2012.07.04 08:19:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Realtek Sound Manager
[2012.07.04 08:19:21 | 000,000,000 | ---D | C] -- C:\Programme\AvRack
[2012.07.03 21:07:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Desktop\test drive ferrari
[2012.07.01 12:35:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.06.22 10:21:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Desktop\musik
[2012.06.20 11:49:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\Freemake
[2012.06.20 11:49:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Startmenü\Programme\Freemake
[2012.06.20 11:49:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Freemake
[2012.06.20 11:49:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake
[2012.06.20 11:49:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\CRE
[2012.06.20 11:32:41 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2012.06.18 22:11:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Crown
[2012.06.18 22:11:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Crown
[2012.06.16 19:38:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Desktop\videoprogramm
[2012.06.16 14:25:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\MAGIX Downloads
[2012.06.16 14:25:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\MAGIX
[2012.06.16 14:15:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\MAGIX
[2012.06.16 14:15:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\MAGIX_MusicEditor
[2012.06.16 14:15:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Xara
[2012.06.16 14:15:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\MAGIX
[2012.06.16 14:13:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared
[2012.06.16 14:12:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX
[2012.06.16 14:11:51 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX
[2012.06.16 14:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012.06.16 13:50:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Startmenü\Programme\VideoLAN Movie Creator
[2012.06.16 13:47:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\WMTools Downloaded Files
[2012.06.16 13:42:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\Deshaker
[2012.06.14 03:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012.06.10 20:57:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2011.11.13 12:40:50 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\pcouffin.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.06 13:56:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Magda\Desktop\OTL.exe
[2012.07.06 13:11:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.06 12:11:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.06 12:10:15 | 000,087,882 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.06 12:08:48 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.06 12:08:28 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2012.07.06 12:08:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.06 12:04:53 | 000,001,788 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2012.07.06 10:41:40 | 000,558,133 | ---- | M] () -- C:\WINDOWS\System32\sqlite3.dll
[2012.07.06 10:03:17 | 000,001,789 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Google Chrome.lnk
[2012.07.06 08:16:03 | 000,002,431 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\HiJackThis.lnk
[2012.07.06 07:58:12 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.05 19:19:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.05 19:19:47 | 000,005,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.05 17:57:26 | 000,000,614 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2012.07.05 17:57:18 | 000,427,339 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Schütte, Magdalena2012.eur2012
[2012.07.05 13:25:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.07.05 13:25:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.07.05 13:23:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.07.05 13:21:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.04 12:17:37 | 000,000,217 | RHS- | M] () -- C:\boot.ini
[2012.07.04 12:00:07 | 000,004,635 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.04 12:00:05 | 000,496,464 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.04 12:00:05 | 000,476,154 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.04 12:00:05 | 000,092,222 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.04 12:00:05 | 000,077,188 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.04 11:56:48 | 000,355,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.04 11:34:36 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012.07.04 11:25:07 | 000,251,184 | RHS- | M] () -- C:\ntldr
[2012.07.04 11:25:07 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2012.07.04 10:32:14 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2012.07.04 10:26:03 | 000,000,293 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.07.04 10:20:19 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2012.07.04 10:20:09 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012.07.04 10:18:50 | 000,022,908 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.07.04 09:46:06 | 000,000,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk
[2012.07.04 09:44:43 | 000,669,080 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2012.07.04 08:03:25 | 000,001,903 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK USB Wireless LAN Utility.lnk
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.03 07:10:00 | 015,904,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Calle Latina feat Crovack - Bonita (Summer Love) (Video Oficial).mp4
[2012.07.02 12:47:19 | 000,000,142 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\verkleinerer.set
[2012.06.20 14:17:23 | 000,012,811 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\speeddial.ini
[2012.06.20 11:49:54 | 000,000,945 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Freemake Video Converter.lnk
[2012.06.19 13:44:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012.06.16 18:50:28 | 000,002,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nero Video 11.lnk
[2012.06.15 13:33:35 | 038,013,210 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Key Ring Spy Camera DVK808 Review.mp4
[2012.06.08 15:24:13 | 000,034,339 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\abmeldung werther.rtf
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.06 12:04:53 | 000,001,788 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
[2012.07.06 12:03:24 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2012.07.06 10:41:53 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012.07.06 10:03:17 | 000,001,789 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Google Chrome.lnk
[2012.07.06 10:01:41 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.06 10:01:40 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.05 21:13:03 | 000,002,431 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Desktop\HiJackThis.lnk
[2012.07.05 13:25:29 | 000,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2012.07.05 13:25:29 | 000,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2012.07.04 11:30:36 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2012.07.04 10:21:36 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012.07.04 10:21:19 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012.07.04 10:21:13 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012.07.04 10:21:12 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012.07.04 10:21:11 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012.07.04 10:21:03 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012.07.04 10:20:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012.07.04 10:20:46 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012.07.04 10:13:20 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012.07.04 10:13:20 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2012.07.04 10:13:20 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012.07.04 10:13:20 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012.07.04 10:13:20 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012.07.04 10:13:19 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012.07.04 10:13:19 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2012.07.04 10:13:19 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012.07.04 10:13:19 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2012.07.04 10:13:19 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2012.07.04 10:13:19 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2012.07.04 08:21:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2012.07.04 08:21:54 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2012.07.04 08:21:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\Dit.exe
[2012.07.04 08:21:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DitExp.exe
[2012.07.04 08:21:39 | 000,000,138 | ---- | C] () -- C:\WINDOWS\ICCLR.INF
[2012.07.04 08:19:21 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2012.07.04 08:19:19 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012.07.03 07:09:50 | 015,904,509 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Calle Latina feat Crovack - Bonita (Summer Love) (Video Oficial).mp4
[2012.07.01 12:35:45 | 000,000,308 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.01 12:26:35 | 001,466,677 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-861567501-1614895754-839522115-1004-0.dat
[2012.06.20 14:17:23 | 000,012,811 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Eigene Dateien\speeddial.ini
[2012.06.20 11:49:52 | 000,000,945 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Freemake Video Converter.lnk
[2012.06.16 13:44:36 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012.06.16 13:39:23 | 000,000,785 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoPad Video Editor.lnk
[2012.06.15 13:32:54 | 038,013,210 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Desktop\Key Ring Spy Camera DVK808 Review.mp4
[2012.05.29 17:37:48 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll
[2012.02.16 03:09:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.14 16:04:10 | 000,113,741 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2012.01.14 16:04:10 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2011.12.24 18:55:24 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011.12.24 18:55:24 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011.12.24 18:55:24 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011.12.24 18:54:48 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011.12.09 20:13:38 | 000,000,614 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2011.11.13 12:40:50 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\pcouffin.cat
[2011.11.13 12:40:50 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\pcouffin.inf
[2011.11.08 14:32:09 | 000,162,727 | ---- | C] () -- C:\WINDOWS\MedicApiLys Uninstaller.exe.bak
[2011.11.01 20:13:54 | 000,386,923 | ---- | C] () -- C:\WINDOWS\KMSAct.exe
[2011.10.17 03:31:42 | 000,346,058 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.10.13 19:46:42 | 000,000,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\AutoGK.ini
[2011.10.05 08:15:12 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\WS_ContextMenu.dll
[2011.09.10 08:45:39 | 000,000,038 | -HS- | C] () -- C:\WINDOWS\camcodec100.ini
[2011.09.10 08:45:39 | 000,000,028 | -HS- | C] () -- C:\WINDOWS\lagarith.ini
[2011.05.20 15:22:30 | 000,105,561 | ---- | C] () -- C:\WINDOWS\hpoins07.dat.temp
[2011.05.20 15:22:30 | 000,017,505 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
[2011.03.31 18:07:21 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011.03.28 14:33:58 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2011.03.26 11:04:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.03.18 19:42:24 | 000,000,126 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2011.02.23 18:09:21 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ImagXppr5.dll
[2011.02.23 12:34:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.02.23 12:34:01 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.02.23 12:34:01 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.02.23 11:00:29 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2011.02.23 09:58:20 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2011.02.21 23:15:23 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Magda\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.21 16:53:57 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2011.02.21 16:53:57 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011.02.21 16:31:00 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.02.21 15:49:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.02.21 14:43:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.02.21 14:40:10 | 000,022,908 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.02.21 14:36:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.02.21 14:35:48 | 000,355,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002.08.29 14:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\autoofmt.exe
========== LOP Check ==========
[2011.04.17 11:40:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alawar Stargaze
[2011.06.12 18:43:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\aliasworlds
[2012.02.04 11:45:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.07.05 10:44:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2011.07.28 17:35:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2012.04.10 12:14:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2012.02.27 19:51:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\casualArts
[2012.01.05 22:33:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Christmasville
[2012.04.29 20:58:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.18 22:11:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Crown
[2011.02.23 11:44:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Duden
[2011.02.23 09:16:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easy Driver Pro
[2012.02.08 11:04:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPS
[2011.06.12 23:51:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy3_Arctica
[2011.06.26 21:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy_Rome
[2012.06.20 11:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake
[2012.03.20 14:38:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fugazo
[2011.03.10 22:05:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse
[2011.12.25 21:23:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gogii
[2012.01.02 10:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2012.06.16 14:25:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.12.27 22:23:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Merscom
[2012.04.12 21:59:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Namco
[2011.12.28 21:10:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NannyMania
[2012.01.20 20:50:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst
[2011.12.24 18:54:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ralink Driver
[2011.02.23 11:11:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2012.06.10 20:57:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2012.05.04 20:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpookyMall
[2012.02.29 23:19:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SulusGames
[2011.02.23 09:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca
[2012.03.14 13:40:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.04.16 21:19:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\The Revills Games
[2012.02.01 15:15:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WNR
[2011.10.05 08:49:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xml_param
[2012.03.07 20:46:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2011.05.17 16:02:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\abgx360
[2011.12.04 20:54:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\aliasworlds
[2011.10.13 11:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\AnvSoft
[2011.12.12 13:56:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Boolat Games
[2012.01.26 21:38:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\BowWow
[2011.12.09 20:13:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Buhl Data Service
[2012.02.27 19:51:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\casualArts
[2012.06.18 22:11:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Crown
[2012.02.08 17:12:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\DesktopIconForAmazon
[2011.02.23 11:44:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Duden
[2012.07.05 10:53:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\DVDVideoSoft
[2011.03.09 18:46:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.02.23 10:56:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\facemoods.com
[2012.06.01 19:28:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Freemium
[2011.03.13 21:05:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\GetRightToGo
[2012.04.12 07:43:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\gnupg
[2011.11.23 09:28:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Ima
[2011.03.01 12:32:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\ImgBurn
[2012.02.01 14:10:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\JonDo
[2012.06.16 14:25:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\MAGIX
[2011.11.08 14:32:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\MedicApiLys
[2012.04.12 21:59:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Namco
[2011.11.01 11:47:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Omgyul
[2012.06.20 11:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\OpenCandy
[2011.08.15 11:10:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Opera
[2011.10.28 15:02:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Party Buffalo Drive Explorer
[2011.07.27 19:55:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\PhotoFiltre
[2011.06.26 13:35:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\PhotoScape
[2012.02.08 10:43:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\ProxySwitcher
[2011.09.25 12:02:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Regensoft
[2011.08.26 21:10:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\searchquband
[2012.02.01 15:00:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\searchqutoolbar
[2011.05.21 21:56:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Skip-Bo
[2011.03.20 14:14:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\SpinTop Games
[2011.02.23 10:56:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Teleca
[2011.05.16 18:54:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Thunderbird
[2011.08.26 21:08:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Toolbar4
[2012.06.04 11:17:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\uTorrent
[2012.02.08 12:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Vso
[2012.02.01 15:15:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\WNR
[2011.10.04 23:41:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Xilisoft
[2012.03.07 20:46:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Zylom
[2012.02.28 15:02:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Magda\Anwendungsdaten\Zylom JanesZOO
[2012.07.06 12:08:28 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012.07.06 12:11:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.06.19 13:44:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.02.24 22:17:15 | 000,000,000 | ---D | M] -- C:\7fe7a07c8947d15b87444e7ab963a94f
[2011.02.24 22:44:12 | 000,000,000 | ---D | M] -- C:\aeabccfa99ba4b02cdf254acc1b861
[2012.07.06 12:12:13 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2011.09.10 17:58:50 | 000,000,000 | ---D | M] -- C:\ConverterOutput
[2011.02.21 16:44:35 | 000,000,000 | ---D | M] -- C:\dell
[2012.07.04 17:53:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2012.07.06 10:19:19 | 000,000,000 | ---D | M] -- C:\Downloads
[2011.02.24 22:17:17 | 000,000,000 | ---D | M] -- C:\eca5f59cc30ad837bc5758c705
[2011.02.23 09:59:11 | 000,000,000 | ---D | M] -- C:\Medion
[2011.02.21 18:54:02 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.11.08 14:30:17 | 000,000,000 | ---D | M] -- C:\nailview
[2011.05.20 15:16:02 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.07.06 12:08:21 | 000,000,000 | R--D | M] -- C:\Programme
[2011.02.21 15:10:31 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.07.04 10:28:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.02.27 19:57:29 | 000,000,000 | ---D | M] -- C:\Temp
[2012.07.06 12:12:02 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2011.02.21 16:26:20 | 000,000,000 | ---D | M] -- C:\WUTemp
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
[2002.08.29 14:00:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.08.29 14:00:00 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\system32\eventlog.dll
[2002.08.29 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=B9358A1FB66CF656328FD8B792B2CCC4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2002.08.29 14:00:00 | 001,007,104 | ---- | M] (Microsoft Corporation) MD5=22B0A56E6C5847292437078B484EC61B -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\explorer.exe
[2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: NETLOGON.DLL >
[2002.08.29 14:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=BCA549B21E651111CE7BAD0FC8C45F4B -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\system32\scecli.dll
[2002.08.29 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=ADD49C10F5DADFA81912D124FE1C9A99 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\system32\user32.dll
[2002.08.29 14:00:00 | 000,561,664 | ---- | M] (Microsoft Corporation) MD5=E3DAFFDB1C86C1AEAC1B205F6CF67009 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
< MD5 for: USERINIT.EXE >
[2002.08.29 14:00:00 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=BEBD3F08461F9A88E5ABCE0CB9707000 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2006.10.27 18:19:00 | 000,114,952 | R--- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Medion\VIA_HyperionPro_(5.09A)\DRVDISK\I386\NT4\VIAMRAID.SYS
[2006.10.27 18:18:00 | 000,114,952 | R--- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Medion\VIA_HyperionPro_(5.09A)\VIARAID\DRIVER\WINNT40\VIAMRAID.SYS
[2006.03.31 03:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Medion\VIA_RAID_(5.1.2600.530)\F6 Windows Driver Disc\i386\NT4\viamraid.sys
[2006.03.31 03:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Medion\VIA_RAID_(5.1.2600.530)\VIA_RAID_V530C\drvdisk\i386\NT4\viamraid.sys
[2006.03.31 03:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Medion\VIA_RAID_(5.1.2600.530)\VIA_RAID_V530C\VIAStor\driver\Raid\winnt40\viamraid.sys
[2006.10.27 18:18:00 | 000,100,992 | R--- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Medion\VIA_HyperionPro_(5.09A)\DRVDISK\I386\NT5\VIAMRAID.SYS
[2006.10.27 18:18:00 | 000,100,992 | R--- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Medion\VIA_HyperionPro_(5.09A)\VIARAID\DRIVER\WINXP\VIAMRAID.SYS
[2006.03.31 03:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Medion\VIA_RAID_(5.1.2600.530)\F6 Windows Driver Disc\i386\NT5\viamraid.sys
[2006.03.31 03:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Medion\VIA_RAID_(5.1.2600.530)\VIA_RAID_V530C\drvdisk\i386\NT5\viamraid.sys
[2006.03.31 03:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Medion\VIA_RAID_(5.1.2600.530)\VIA_RAID_V530C\VIAStor\driver\Raid\winxp\viamraid.sys
< MD5 for: WINLOGON.EXE >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\system32\winlogon.exe
[2002.08.29 14:00:00 | 000,521,728 | ---- | M] (Microsoft Corporation) MD5=616896B708286DA98D6A099293F181D7 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2002.08.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2002.08.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.07.04 12:10:03 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.07.04 10:01:47 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2012.07.04 12:10:03 | 045,613,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.07.04 12:10:03 | 006,553,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2012.07.06 12:08:14 | 010,747,904 | -H-- | M] () -- C:\Dokumente und Einstellungen\Magda\NTUSER.DAT
[2012.07.06 14:07:49 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Magda\NTUSER.DAT.LOG
[2012.07.06 12:06:01 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Magda\ntuser.ini
[2012.07.06 12:12:15 | 002,977,652 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\ProductContext5600.log
[2012.07.06 12:10:03 | 000,000,487 | ---- | M] () -- C:\Dokumente und Einstellungen\Magda\results.txt
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2004.08.04 00:46:24 | 001,836,032 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
========== Alternate Data Streams ==========
@Alternate Data Stream - 96 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:18897B1D
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:073139EC
@Alternate Data Stream - 118 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B36361EE
< End of report > --- --- --- |