Hi,
anbei der Inhalt der Dateien.
otl.txt
OTL Logfile: Code:
OTL logfile created on: 09.10.2010 18:30:54 - Run 4
OTL by OldTimer - Version 3.2.14.1 Folder = D:\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,06 Gb Total Space | 50,70 Gb Free Space | 70,36% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 38,86 Gb Free Space | 53,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EEEPC
Current User Name: xxxxxxxxxx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - D:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - D:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe (Trend Micro Inc.)
PRC - C:\Programme\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\T-Mobile Internet Manager 03\AssistantServices.exe ()
PRC - C:\Programme\T-Mobile Internet Manager 03\UIExec.exe ()
PRC - C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - D:\Programme\Greenshot\Greenshot.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
========== Modules (SafeList) ==========
MOD - D:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\cabinet.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_062a651.dll ()
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (GoogleDesktopManager-093009-130223) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (UI Assistant Service) -- C:\Programme\T-Mobile Internet Manager 03\AssistantServices.exe ()
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SSPORT) -- C:\WINDOWS\System32\Drivers\SSPORT.sys File not found
DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys File not found
DRV - (BTWUSB) -- C:\WINDOWS\System32\Drivers\btwusb.sys File not found
DRV - (btwhid) -- C:\WINDOWS\System32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys File not found
DRV - (BTDriver) -- C:\WINDOWS\System32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- C:\WINDOWS\System32\drivers\btaudio.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (tcpipBM) -- C:\WINDOWS\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (uvclf) -- C:\WINDOWS\system32\drivers\uvclf.sys (GenesysLogic Technologies, Inc.)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (AsusACPI) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://eeepc.asus.com/global
IE - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Programme\T-Mobile Internet Manager 03\addon [2010.05.28 21:50:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.10.09 16:38:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.10.09 16:39:00 | 000,000,000 | ---D | M]
[2009.03.05 23:01:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Mozilla\Extensions
[2010.10.09 17:27:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Mozilla\Firefox\Profiles\6qm7s989.default\extensions
[2010.05.30 18:22:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Mozilla\Firefox\Profiles\6qm7s989.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.30 18:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Mozilla\Firefox\Profiles\6qm7s989.default\extensions\firebug@software.joehewitt.com
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Programme\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [UIExec] C:\Programme\T-Mobile Internet Manager 03\UIExec.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ SuperHybridEngine.lnk = C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\xxxxxxxxxx\Startmenü\Programme\Autostart\Greenshot.lnk = D:\Programme\Greenshot\Greenshot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: SmarThru4 Als HTML speichern - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Programme\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3695312464-1671728247-3960944336-1006\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.13 21:41:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.03.06 10:49:26 | 000,000,100 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{3082a108-5bfd-11df-9c2d-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{3082a108-5bfd-11df-9c2d-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3082a108-5bfd-11df-9c2d-00261882cb67}\Shell\AutoRun\command - "" = E:\Install.exe -- File not found
O33 - MountPoints2\{42b6175d-4005-11de-bdd2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{42b6175d-4005-11de-bdd2-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{42b6175d-4005-11de-bdd2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{6a89716a-efec-11de-9bdd-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{6a89716a-efec-11de-9bdd-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a89716a-efec-11de-9bdd-00261882cb67}\Shell\AutoRun\command - "" = E:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{6a89716b-efec-11de-9bdd-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{6a89716b-efec-11de-9bdd-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a89716b-efec-11de-9bdd-00261882cb67}\Shell\AutoRun\command - "" = E:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{a54797ca-0891-11de-9bf2-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{a54797ca-0891-11de-9bf2-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a54797ca-0891-11de-9bf2-00261882cb67}\Shell\AutoRun\command - "" = E:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{ba0845da-fed9-11de-9be1-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{ba0845da-fed9-11de-9be1-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba0845da-fed9-11de-9be1-00261882cb67}\Shell\AutoRun\command - "" = E:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{ba0845db-fed9-11de-9be1-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{ba0845db-fed9-11de-9be1-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ba0845db-fed9-11de-9be1-00261882cb67}\Shell\AutoRun\command - "" = E:\VMC_PBStarter.exe -- File not found
O33 - MountPoints2\{cc931afc-7c99-11df-9c19-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{cc931afc-7c99-11df-9c19-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc931afc-7c99-11df-9c19-00261882cb67}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{cc931afe-7c99-11df-9c19-00261882cb67}\Shell - "" = AutoRun
O33 - MountPoints2\{cc931afe-7c99-11df-9c19-00261882cb67}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc931afe-7c99-11df-9c19-00261882cb67}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008.04.14 08:53:06 | 000,028,672 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.10.09 17:19:00 | 000,000,000 | ---D | C] -- C:\b4251fe32b44a7235cb82b8c70
[2010.10.09 17:16:08 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.10.09 17:01:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.10.09 17:01:33 | 000,000,000 | ---D | C] -- D:\Eigene Dateien\Simply Super Software
[2010.10.09 17:01:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2010.10.09 17:01:07 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover
[2010.10.09 17:01:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Simply Super Software
[2010.10.09 17:01:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2010.10.09 16:54:26 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.10.09 16:40:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2010.10.09 16:37:52 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.10.09 16:36:14 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.10.09 16:17:45 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2010.10.09 16:17:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.10.09 16:12:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Essentials
[2010.10.09 16:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2010.09.29 21:23:59 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2010.09.26 11:14:54 | 000,000,000 | ---D | C] -- C:\Programme\Garmin GPS Plugin
[2010.09.20 22:23:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\design
[2010.09.20 22:22:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\b2blichtlieferant(2)
[2010.09.20 22:20:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\b2blichtlieferant
[2010.09.19 20:21:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\Desktop
[2010.09.18 18:28:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.09.18 18:28:47 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.09.18 18:28:36 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.09.18 18:28:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.09.18 18:28:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.10.09 18:05:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.09 17:42:00 | 000,001,216 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3695312464-1671728247-3960944336-1006UA.job
[2010.10.09 17:27:06 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.09 17:26:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.09 17:26:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.09 17:25:57 | 003,932,160 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\ntuser.dat
[2010.10.09 17:25:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\ntuser.ini
[2010.10.09 17:24:26 | 001,073,172 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.09 17:24:26 | 000,477,068 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.09 17:24:26 | 000,456,150 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.09 17:24:26 | 000,092,608 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.09 17:24:26 | 000,077,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.09 17:23:52 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\defogger_reenable
[2010.10.09 17:16:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.10.09 17:01:20 | 000,000,786 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trojan Remover.lnk
[2010.10.09 16:54:26 | 000,001,988 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\HiJackThis.lnk
[2010.10.09 16:46:36 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.10.09 16:18:05 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.09 16:18:02 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.09 16:09:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.08 21:46:35 | 000,023,552 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2010.09.28 22:31:39 | 000,001,891 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\filter.phtml
[2010.09.25 18:57:52 | 000,047,652 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\_1557073893166222192_Legende-und-Wahrheit.gpx
[2010.09.25 18:49:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.25 18:49:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.10.09 17:23:24 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\defogger_reenable
[2010.10.09 17:01:20 | 000,000,786 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trojan Remover.lnk
[2010.10.09 17:01:10 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010.10.09 17:01:10 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010.10.09 17:01:10 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.10.09 17:01:09 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010.10.09 16:54:26 | 000,001,988 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\HiJackThis.lnk
[2010.10.09 16:46:36 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.10.09 16:18:02 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.09.28 22:31:39 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\filter.phtml
[2010.09.25 18:58:03 | 000,047,652 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Desktop\_1557073893166222192_Legende-und-Wahrheit.gpx
[2010.09.25 18:49:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.09.25 18:49:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2010.09.04 20:31:15 | 000,010,449 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\SmarThruOptions.xml
[2010.09.04 20:30:57 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2010.09.04 20:30:52 | 000,000,116 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2010.09.04 20:30:51 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2010.05.16 18:05:51 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.03.14 22:19:27 | 000,000,161 | ---- | C] () -- C:\Programme\INSTALL.LOG
[2010.03.14 16:00:11 | 000,023,552 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2010.01.29 14:29:03 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009.12.27 20:47:01 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.12.27 20:47:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.12.19 18:41:17 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND
[2009.11.29 02:29:48 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2009.10.30 04:03:59 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.10.29 22:39:39 | 000,006,656 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.26 04:45:00 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sx450sl3.dll
[2009.09.14 23:24:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2009.09.14 23:24:10 | 000,138,240 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2009.09.14 23:24:10 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll
[2009.09.14 23:24:08 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\SaXPEH.dll
[2009.09.14 23:24:08 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll
[2009.05.14 00:37:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009.05.13 23:30:25 | 000,232,872 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009.05.13 22:31:07 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2009.05.13 22:31:07 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2009.05.13 22:17:48 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2009.05.13 21:29:39 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
========== LOP Check ==========
[2010.10.09 16:17:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.01.29 10:24:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.10.09 16:36:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2010.03.14 22:19:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Quest Software
[2010.03.20 16:41:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ralink Driver
[2010.10.09 17:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2009.12.01 22:28:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sync App Settings
[2010.10.09 17:01:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.05.13 22:29:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wireless LAN Card
[2010.06.21 15:52:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.09 11:45:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.02.10 21:17:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Bullzip
[2010.01.29 11:04:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\DAEMON Tools Lite
[2010.10.09 16:34:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\FileZilla
[2010.03.08 13:26:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Greenshot
[2010.06.20 20:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\HCM Updater
[2009.11.26 19:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\IrfanView
[2009.02.07 01:50:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\OpenOffice.org
[2010.05.28 21:51:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Programme
[2010.03.14 22:19:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Quest Software
[2010.10.09 17:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Simply Super Software
[2010.09.04 20:31:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\SmarThru4
[2009.12.14 00:39:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Sync App Settings
[2009.02.06 16:23:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\uTorrent
[2010.10.09 16:18:02 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.01.29 14:38:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Adobe
[2010.03.09 20:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Apple Computer
[2009.02.10 21:17:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Bullzip
[2010.01.29 11:04:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\DAEMON Tools Lite
[2010.10.09 16:34:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\FileZilla
[2009.02.26 16:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Google
[2010.03.08 13:26:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Greenshot
[2010.06.20 20:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\HCM Updater
[2009.05.13 21:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Identities
[2009.05.13 22:28:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\InstallShield
[2009.11.26 19:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\IrfanView
[2009.10.29 22:13:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Macromedia
[2010.10.09 16:54:27 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Microsoft
[2010.04.11 21:45:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\mIRC
[2009.03.05 23:01:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Mozilla
[2009.02.07 01:50:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\OpenOffice.org
[2010.05.28 21:51:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Programme
[2010.03.14 22:19:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Quest Software
[2010.10.09 17:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Simply Super Software
[2010.10.05 23:09:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Skype
[2010.10.04 20:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\skypePM
[2010.09.04 20:31:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\SmarThru4
[2009.10.31 11:39:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Sun
[2009.12.14 00:39:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Sync App Settings
[2009.02.06 16:23:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\uTorrent
[2010.01.29 12:14:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\WinRAR
< %APPDATA%\*.exe /s >
[2010.10.09 16:54:27 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.07.05 14:30:36 | 003,687,344 | ---- | M] (Simply Super Software) -- C:\Dokumente und Einstellungen\xxxxxxxxxx\Anwendungsdaten\Simply Super Software\Trojan Remover\fkv122.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: IASTOR.SYS >
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\I386\$OEM$\TEXTMODE\IASTOR.SYS
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\OemDir\iaStor.sys
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\system32\drivers\iaStor.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USER32.DLL >
[2008.04.14 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.04.14 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2008.04.14 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.05.13 23:35:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.13 23:35:23 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.13 23:35:23 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 14:00:00 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report > --- --- ---
[/QUOTE]
extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 09.10.2010 18:30:54 - Run 4
OTL by OldTimer - Version 3.2.14.1 Folder = D:\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,06 Gb Total Space | 50,70 Gb Free Space | 70,36% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 38,86 Gb Free Space | 53,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EEEPC
Current User Name: xxxxxxxxxx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-3695312464-1671728247-3960944336-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1496:TCP" = 1496:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"D:\Programme\Zattoo\zattood.exe" = D:\Programme\Zattoo\zattood.exe:*:Enabled:zattood -- ()
"D:\Programme\Altitude\altitude.exe" = D:\Programme\Altitude\altitude.exe:*:Enabled:altitude -- ()
"D:\Programme\NetBeans 6.8\bin\netbeans.exe" = D:\Programme\NetBeans 6.8\bin\netbeans.exe:*:Enabled:netbeans -- ()
"D:\xampp\apache\bin\httpd.exe" = D:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"D:\xampp\mysql\bin\mysqld.exe" = D:\xampp\mysql\bin\mysqld.exe:*:Enabled:The MySQL Server -- (MySQL AB)
"D:\Programme\mIRC\mirc.exe" = D:\Programme\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Programme\Aptana\Aptana Studio 2.0\AptanaStudio.exe" = D:\Programme\Aptana\Aptana Studio 2.0\AptanaStudio.exe:*:Enabled:AptanaStudio -- ()
"D:\Programme\iTunes\iTunes.exe" = D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B1E5A3-1B29-4582-A226-172A1FC7BA6C}" = Windows Live Family Safety
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{879D5454-1A5E-4F3F-8DCC-69FBE95D0647}" = Adobe Setup
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink Wireless LAN
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile Internet Manager 03
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B2974D26-9080-4FA4-B344-DA2D314F41DC}" = Vodafone Mobile Connect Lite Runtime Components
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9BDA46B-2E17-4F43-9D7A-9B1E09A0A4D8}" = Data Sync
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFA368B3-59C8-4EF5-83A0-39DF46588030}" = Adobe Creative Suite 3 Web Premium
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7AA860E-F538-440B-AA66-ECA15D97A535}" = Quest Software Toad for MySQL Freeware 4.6
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"4578-0181-0549-1546" = Altitude 1.0.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_b0efd5c6e27241b2a2a88dbddd25245" = Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface
"Allway Sync_is1" = Allway Sync version 9.4.11
"Aptana Studio 2.0" = Aptana Studio 2.0
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 4.0.0.463
"Crimson Editor" = Crimson Editor (remove only)
"Eee Docking_is1" = Eee Docking 1.3.1.0
"EeePC1005HA" = EeePC1005HA Screen Saver
"FileZilla Client" = FileZilla Client 3.3.2
"Google Desktop" = Google Desktop
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Greenshot_is1" = Greenshot
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nbi-nb-base-6.8.0.0.0" = NetBeans IDE 6.8
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealVNC_is1" = VNC Free Edition 4.1.3
"Samsung SCX-4500 Series" = Samsung SCX-4500 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XMind" = XMind
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3695312464-1671728247-3960944336-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.06.2010 14:21:08 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 22.06.2010 14:21:08 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2203
Error - 22.06.2010 14:21:08 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2203
Error - 26.06.2010 03:45:29 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 26.06.2010 03:45:29 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 140365953
Error - 26.06.2010 03:45:29 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 140365953
Error - 07.07.2010 17:38:57 | Computer Name = EEEPC | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung netbeans.exe, Version 0.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.07.2010 05:30:59 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17.07.2010 05:30:59 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 28422047
Error - 17.07.2010 05:30:59 | Computer Name = EEEPC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 28422047
[ OSession Events ]
Error - 05.08.2010 16:50:18 | Computer Name = EEEPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1257
seconds with 840 seconds of active time. This session ended with a crash.
Error - 05.08.2010 16:50:37 | Computer Name = EEEPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.08.2010 16:51:37 | Computer Name = EEEPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 54
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.08.2010 16:53:41 | Computer Name = EEEPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 101
seconds with 60 seconds of active time. This session ended with a crash.
Error - 05.08.2010 17:26:29 | Computer Name = EEEPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 878
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 09.10.2010 10:40:30 | Computer Name = EEEPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706be fehlgeschlagen: Security Update for Microsoft .NET Framework
2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows XP (KB982802)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows XP (KB2121546)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Security Update for Microsoft .NET Framework
3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86
(KB2416473)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows XP (KB2347290)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows XP (KB975558)
Error - 09.10.2010 11:24:22 | Computer Name = EEEPC | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x800706ba fehlgeschlagen: Sicherheitsupdate für Windows XP (KB2259922)
Error - 09.10.2010 11:27:03 | Computer Name = EEEPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 09.10.2010 11:27:03 | Computer Name = EEEPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report > --- --- ---
[/QUOTE]
Danke!!!!
c509 |