Jule_maus | 28.07.2011 10:55 | Hello, thanks in advance for your reply and your help =)
By the way, I only had the problem with the BKA Trojan after my brother downloaded something a few days ago (we share the laptop), so I suspect that he picked up the Trojan somewhere :headbang:
I have now also managed to run the scan, although with OTLPE (also by OldTimer). I hope that doesn't make too big a difference =/
I have attached the logs from the scan.
Code:
OTL logfile created on: 7/28/2011 12:30:37 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 77.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111.78 Gb Total Space | 3.01 Gb Free Space | 2.69% Space Free | Partition Type: NTFS
Drive D: | 1.92 Gb Total Space | 0.05 Gb Free Space | 2.34% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [Auto] -- -- (AVK Client)
SRV - [2011/06/29 05:03:03 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/06 11:20:10 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/02/18 11:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/17 18:08:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/03/20 10:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2007/02/22 08:20:26 | 000,739,152 | ---- | M] (G DATA Software AG) [Auto] -- C:\Programme\G DATA\AVKClient\AVKCl.exe -- (AntiVirusKit Client)
SRV - [2007/02/21 03:45:02 | 000,624,464 | ---- | M] (G DATA Software AG) [Auto] -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2007/02/15 07:04:32 | 001,242,960 | ---- | M] (G DATA Software AG) [Auto] -- C:\Programme\G DATA\AVKClient\AVKWCtl.exe -- (AVKWCtl)
SRV - [2004/10/04 02:59:00 | 001,163,536 | ---- | M] (Danware Data A/S) [Auto] -- C:\Programme\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE -- (NetOp Host for NT Service) NetOp Helper ver. 7.65 (2004278)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/07/24 04:24:42 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/29 05:03:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 05:03:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 05:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/06 09:56:45 | 000,047,184 | ---- | M] (G DATA Software AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2008/11/06 09:56:44 | 000,037,112 | ---- | M] (G DATA Software AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2008/11/06 09:56:39 | 000,038,096 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2008/11/05 04:52:02 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/05 04:29:18 | 000,050,714 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\interceptor.sys -- (GDInterceptor)
DRV - [2008/04/28 10:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2007/04/21 10:15:42 | 000,009,344 | ---- | M] (Hajo Krabbenhöft) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tenCapture.sys -- (tenCapture)
DRV - [2004/10/04 02:59:00 | 000,065,296 | ---- | M] (Danware Data A/S) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NHOSTNT1.SYS -- (NHostNT1) NetOp Driver 1 ver. 7.65 (2004278)
DRV - [2004/10/04 02:59:00 | 000,003,216 | ---- | M] (Danware Data A/S) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\NHOSTNT3.SYS -- (NHOSTNT3) NetOp Driver 3 ver. 7.65 (2004278) (NHOSTNT3)
DRV - [2001/08/17 07:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Sandra_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Sandra_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home/?ai=13055
IE - HKU\Sandra_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Sandra_ON_C\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
IE - HKU\Sandra_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
IE - HKU\Sandra_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Sandra_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Programme\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/06/22 05:39:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/05/25 10:14:58 | 000,000,000 | ---D | M]
[2011/06/13 05:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011/02/22 19:43:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/14 13:53:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/13 05:21:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/22 05:39:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/05/03 22:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/25 10:14:46 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/07/30 02:39:33 | 000,002,226 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2011/05/25 10:14:46 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/05/25 10:14:46 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/05/25 10:14:46 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/05/25 10:14:46 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/05/25 10:14:46 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/02/09 01:44:57 | 000,001,176 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 reggame.biz
O1 - Hosts: 127.0.0.1 tele-globus.biz
O1 - Hosts: 127.0.0.1 microsoft.com
O1 - Hosts: 127.0.0.1 kaspersky.com
O1 - Hosts: 127.0.0.1 norton.com
O1 - Hosts: 127.0.0.1 multitrader.info
O1 - Hosts: 127.0.0.1 newasp.com.cn
O1 - Hosts: 127.0.0.1 mygolddinar.com
O1 - Hosts: 127.0.0.1 xfatum.com
O1 - Hosts: 127.0.0.1 think-adz2.com
O1 - Hosts: 127.0.0.1 daoway.biz
O1 - Hosts: 127.0.0.1 lem0n.info
O1 - Hosts: 127.0.0.1 fuckingwhitehats.com
O1 - Hosts: 127.0.0.1 i-nt-e-r-n-e-t.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {84303217-7279-7274-6573-5599ca323026} - File not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
O2 - BHO: (no name) - {D032570A-5F63-4812-A094-87D007C23012} - File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKU\Sandra_ON_C\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Sandra_ON_C\..\Toolbar\ShellBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
O3 - HKU\Sandra_ON_C\..\Toolbar\ShellBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKU\Sandra_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Sandra_ON_C\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
O3 - HKU\Sandra_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [realteks] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Sandra_ON_C..\Run: [4Y3Y0C3AYF7XXHWDRJLTU] C:\Recycle.Bin\B6232F3A1AF.exe (Digital Media Group)
O4 - HKU\Sandra_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Sandra_ON_C..\Run: [EA Core] File not found
O4 - HKU\Sandra_ON_C..\Run: [SVCHOST.EXE] File not found
O4 - HKU\Sandra_ON_C..\Run: [System] C:\Dokumente und Einstellungen\Sandra\Music\lst.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Sandra\Startmenü\Programme\Autostart\DOGS DIARY.lnk = File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Sandra_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its51 {F6F1E82D-DE4D-11D2-875C-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\itss51.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (karna.dats\system3) - File not found
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\jashla.exe) - C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\jashla.exe (Galilean Cauchy Aesop Bellamy)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/04 03:18:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/09 12:22:40 | 000,000,000 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/07/24 21:49:52 | 000,000,053 | ---- | M] () - D:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/28 12:29:40 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2011/07/28 12:29:40 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Eigene Dateien
[2011/07/27 10:28:33 | 000,134,656 | ---- | C] (Galilean Cauchy Aesop Bellamy) -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\jashla.exe
[2011/07/24 18:39:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sandra\Desktop\10070_The_Sims_3_v_1
[2011/07/24 17:16:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2011/07/24 16:59:34 | 001,275,152 | ---- | C] (EA.com) -- C:\Sims3Launcher.ex_
[2011/07/24 16:37:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\Electronic Arts
[2011/07/24 16:27:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Electronic Arts
[2011/07/24 04:37:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sandra\Desktop\Die Sims 3
[2011/07/24 04:19:44 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011/07/24 04:19:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DAEMON Tools Lite
[2011/07/24 04:19:01 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite
[2011/07/24 04:18:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\DAEMON Tools Lite
[2011/07/24 04:18:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2011/07/23 17:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sandra\Music
[2011/07/23 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011/07/23 16:46:19 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2011/07/23 16:41:53 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/07/23 16:40:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/07/23 16:16:47 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2011/07/23 12:40:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\EA Games
[2011/07/19 14:58:38 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2011/07/19 14:58:38 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2011/07/19 14:58:37 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2011/07/19 14:58:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011/07/19 14:58:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2011/07/19 14:58:34 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2011/07/19 14:58:33 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2011/07/19 14:58:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2011/07/19 14:58:30 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2011/07/19 14:58:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2011/07/19 14:58:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2011/07/19 14:58:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2011/07/19 14:58:27 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2011/07/19 14:58:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2011/07/19 14:58:24 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2011/07/19 14:58:23 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2011/07/19 14:58:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2011/07/19 14:58:20 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2011/07/19 14:58:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2011/07/19 07:45:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Harry Potter Creative CD
[2011/07/19 07:44:57 | 000,000,000 | ---D | C] -- C:\Programme\Harry Potter Creative CD
[2010/09/03 19:25:27 | 306,708,552 | ---- | C] (Nero AG) -- C:\Programme\Nero-10.0.13100_trial.exe
[2009/07/09 11:20:59 | 007,562,568 | ---- | C] (Opera Software ASA) -- C:\Programme\Opera_964_int_Setup.exe
[2009/07/07 02:33:40 | 007,946,536 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 3.5.exe
[2009/05/28 13:05:49 | 111,167,648 | ---- | C] (MAGIX AG) -- C:\Programme\music_maker_15_106mb_d.exe
[2009/04/27 11:39:46 | 020,617,000 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetupFull.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/27 12:39:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/27 12:37:45 | 1601,490,944 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/27 10:28:34 | 000,134,656 | ---- | M] (Galilean Cauchy Aesop Bellamy) -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\jashla.exe
[2011/07/24 17:41:10 | 000,085,686 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\5256421_m.jpg
[2011/07/24 16:27:10 | 000,001,687 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011/07/24 16:27:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Electronic Arts
[2011/07/24 16:24:00 | 000,150,661 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\16739900_m.jpg
[2011/07/24 15:28:05 | 000,046,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\8267639_m.jpg
[2011/07/24 15:27:54 | 000,019,871 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\8318797.jpg
[2011/07/24 15:11:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/24 05:51:27 | 000,890,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\20552244.jpg
[2011/07/24 04:59:57 | 003,610,624 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\Buttons- PussycatDolls.mp3
[2011/07/24 04:24:42 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011/07/24 04:19:07 | 000,001,577 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk
[2011/07/24 04:19:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DAEMON Tools Lite
[2011/07/23 16:45:10 | 000,409,192 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011/07/23 16:45:10 | 000,280,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/23 16:45:10 | 000,071,994 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011/07/23 16:45:10 | 000,059,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/23 12:39:33 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2011/07/23 06:00:10 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/22 09:19:14 | 004,367,598 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\Junior Senior - Move Your Feet(1).mp3
[2011/07/20 09:31:02 | 001,518,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/19 07:45:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Harry Potter Creative CD
[2011/07/19 07:45:04 | 000,000,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Harry Potter Creative CD.lnk
[2011/07/17 18:43:16 | 003,592,227 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\W0mHhNTnrIT1i6hHAHQuIuU7NjN76PyST3x6pAkAF8TbMuw0W5tJWze3qu58Czt_swkrKnyFHOJTOX-jnkNap0lhAXBCaGDH-xMH33kexYttwiCG--OjwEUvUKTu6IjXfZ-mgXOODEUWBchBeCOclw==.mp3
[2011/07/17 18:20:05 | 002,771,178 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\0qEMEAL9oJ9FthzZk3Xutb7u4HvhAvOdiWcJi6twkOwRc8ohkzsVZy6B2hBeWht4nSPom84rUf-SNHnOzaqyY6QgJ_tHcwzj1rP7PBRrp2tkca-0mWfJ39Uh1CbODaVO.mp3
[2011/07/15 05:50:00 | 004,496,900 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\black eyed peas - don't stop the party.mp3
[2011/07/09 05:06:04 | 008,189,240 | ---- | M] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\zTqbU17USDlAB8qw3KWsL9MJgk_oTgUTJlu8buaOPyJuPYukHsjRwoEQs4x3chOKkWfrVLljrxQ4qW8o6dKMSeI34XL4D5h0kQuH5yTYC2hofK4FYM1Q3qe8qUYflh9zX59VPcSOIe6VdIVLqIeY5pvV2AdOIU1ddM8LdPMtrFbFxfKMTYZ_p7O5Zb9bsOK_.mp3
[2011/06/29 05:11:45 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/29 05:03:04 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/06/29 05:03:04 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/24 17:41:05 | 000,085,686 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\5256421_m.jpg
[2011/07/24 16:27:08 | 000,001,687 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011/07/24 16:23:48 | 000,150,661 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\16739900_m.jpg
[2011/07/24 15:28:01 | 000,046,610 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\8267639_m.jpg
[2011/07/24 15:27:46 | 000,019,871 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\8318797.jpg
[2011/07/24 05:51:24 | 000,890,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\20552244.jpg
[2011/07/24 04:56:35 | 003,610,624 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\Buttons- PussycatDolls.mp3
[2011/07/24 04:19:07 | 000,001,577 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk
[2011/07/22 09:18:15 | 004,367,598 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\Junior Senior - Move Your Feet(1).mp3
[2011/07/20 16:16:11 | 001,297,937 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\381018.jpg
[2011/07/19 07:45:04 | 000,000,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Harry Potter Creative CD.lnk
[2011/07/17 18:42:58 | 003,592,227 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\W0mHhNTnrIT1i6hHAHQuIuU7NjN76PyST3x6pAkAF8TbMuw0W5tJWze3qu58Czt_swkrKnyFHOJTOX-jnkNap0lhAXBCaGDH-xMH33kexYttwiCG--OjwEUvUKTu6IjXfZ-mgXOODEUWBchBeCOclw==.mp3
[2011/07/17 18:19:48 | 002,771,178 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\0qEMEAL9oJ9FthzZk3Xutb7u4HvhAvOdiWcJi6twkOwRc8ohkzsVZy6B2hBeWht4nSPom84rUf-SNHnOzaqyY6QgJ_tHcwzj1rP7PBRrp2tkca-0mWfJ39Uh1CbODaVO.mp3
[2011/07/15 05:48:43 | 004,496,900 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\black eyed peas - don't stop the party.mp3
[2011/07/09 05:05:22 | 008,189,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Desktop\zTqbU17USDlAB8qw3KWsL9MJgk_oTgUTJlu8buaOPyJuPYukHsjRwoEQs4x3chOKkWfrVLljrxQ4qW8o6dKMSeI34XL4D5h0kQuH5yTYC2hofK4FYM1Q3qe8qUYflh9zX59VPcSOIe6VdIVLqIeY5pvV2AdOIU1ddM8LdPMtrFbFxfKMTYZ_p7O5Zb9bsOK_.mp3
[2010/02/10 15:39:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2010/01/26 16:43:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/01/26 16:36:52 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2010/01/26 16:36:28 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/01/26 16:36:24 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/01/26 16:36:23 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/26 16:36:21 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/08 05:07:58 | 000,445,440 | ---- | C] () -- C:\WINDOWS\System32\AGL.dll
[2009/12/03 05:56:36 | 000,002,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\ProcView.sys
[2009/07/17 16:08:00 | 000,481,331 | ---- | C] () -- C:\Programme\1247764527833.jpg
[2009/07/16 11:01:58 | 032,467,048 | ---- | C] () -- C:\Programme\avira_antivir_personal_de.exe
[2009/07/08 16:43:25 | 000,066,386 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe
[2009/07/08 06:25:36 | 000,002,119 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\5eT7WQpJat.gif
[2009/07/08 06:25:36 | 000,000,607 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\5eT7WQpJzn.gif
[2009/07/08 06:25:36 | 000,000,598 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\5eT7WQpJby.gif
[2009/05/28 13:10:46 | 000,040,613 | ---- | C] () -- C:\Programme\20090526_593142.jpg
[2009/05/28 13:10:36 | 000,053,855 | ---- | C] () -- C:\Programme\20090528_593713.jpg
[2009/04/27 14:48:46 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/17 18:22:15 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/03/29 14:39:23 | 000,010,099 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/29 14:39:21 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/11/22 08:17:35 | 000,013,501 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\kequrynod._sy
[2008/11/21 11:56:58 | 000,017,973 | ---- | C] () -- C:\WINDOWS\fywezynu.exe
[2008/11/18 11:58:20 | 000,011,785 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vuro.lib
[2008/11/08 09:27:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/11/08 09:03:26 | 000,019,966 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\xozecuf.lib
[2008/11/08 09:03:26 | 000,019,869 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\loginarum.com
[2008/11/08 09:03:26 | 000,019,527 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\osyxiq.bat
[2008/11/08 09:03:26 | 000,017,000 | ---- | C] () -- C:\WINDOWS\System32\yfac.sys
[2008/11/08 09:03:26 | 000,016,051 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Lokale Einstellungen\Anwendungsdaten\yhykemev.vbs
[2008/11/08 09:03:26 | 000,015,551 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\etizehu.com
[2008/11/08 09:03:26 | 000,015,382 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Lokale Einstellungen\Anwendungsdaten\orakilac.com
[2008/11/08 09:03:26 | 000,014,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Lokale Einstellungen\Anwendungsdaten\uquxad.ban
[2008/11/08 09:03:26 | 000,014,302 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\yradep.ban
[2008/11/08 09:03:26 | 000,012,156 | ---- | C] () -- C:\WINDOWS\yrotute.com
[2008/11/08 09:03:26 | 000,011,885 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\ziwos._dl
[2008/11/08 09:03:26 | 000,011,411 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\camo.ban
[2008/11/08 09:03:26 | 000,010,350 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\ygyxyqewu.dat
[2008/11/07 14:48:42 | 000,052,224 | ---- | C] () -- C:\Dokumente und Einstellungen\Sandra\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/06 09:56:39 | 000,038,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2008/11/05 05:10:18 | 000,000,206 | ---- | C] () -- C:\WINDOWS\NetOp.INI
[2008/11/05 04:52:42 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/11/05 04:52:41 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/11/05 04:52:41 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2008/11/05 04:29:18 | 000,050,714 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys
[2008/11/04 10:19:09 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/04 09:33:36 | 002,215,364 | ---- | C] () -- C:\WINDOWS\System32\igklg400.bin
[2008/11/04 09:33:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4935.dll
[2008/11/04 09:33:36 | 000,029,932 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.bin
[2008/11/04 09:33:35 | 001,971,732 | ---- | C] () -- C:\WINDOWS\System32\igklg450.bin
[2008/11/04 03:20:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/11/04 03:15:02 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/11/04 03:06:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/11/04 03:05:19 | 001,518,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/09/19 17:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 17:54:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2004/08/03 23:12:38 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/03 22:57:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/02 12:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 09:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 12:00:00 | 000,409,192 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/23 12:00:00 | 000,280,456 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 12:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/23 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 12:00:00 | 000,071,994 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/23 12:00:00 | 000,059,774 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 12:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/23 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011/07/19 17:18:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\BitTorrent
[2010/10/31 10:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\com.adobe.example.diary.AC2D34E49418B393981766FA31245F1D30E4A56D.1
[2011/07/24 15:04:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\DAEMON Tools Lite
[2009/03/22 15:03:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\DNA
[2010/11/04 16:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\eBay
[2010/02/15 18:02:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\Haihaisoft
[2010/02/15 18:02:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\Haihaisoft Universal Player
[2009/07/09 11:28:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\Opera
[2011/07/24 16:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\PriceGong
[2009/02/01 14:47:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\WholeSecurity
[2010/01/26 16:40:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sandra\Anwendungsdaten\Xilisoft
[2011/07/25 06:27:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2008/11/05 05:14:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Danware Data
[2011/07/24 17:16:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2010/11/04 16:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eBay
[2008/11/06 09:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2011/03/03 15:57:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/06/23 18:40:22 | 004,347,644 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Desktop\??????Colorful World???????.mp3) -- C:\Dokumente und Einstellungen\Sandra\Desktop\【初音ミク】Colorful World【オリジナル】.mp3
[2011/06/23 18:40:08 | 004,347,644 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Desktop\??????Colorful World???????.mp3) -- C:\Dokumente und Einstellungen\Sandra\Desktop\【初音ミク】Colorful World【オリジナル】.mp3
[2008/12/03 14:53:36 | 000,167,142 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?-?.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕-嘆.jpg
[2008/12/03 14:53:36 | 000,151,237 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.4.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.4.jpg
[2008/12/03 14:53:36 | 000,138,175 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.2.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.2.jpg
[2008/12/03 14:53:36 | 000,130,512 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.0.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.0.jpg
[2008/12/03 14:53:36 | 000,127,638 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.5.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.5.jpg
[2008/12/03 14:53:36 | 000,112,562 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.1.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.1.jpg
[2008/12/03 14:53:36 | 000,109,974 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.jpg
[2008/12/03 14:53:36 | 000,098,635 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.3.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.3.jpg
[2008/12/03 14:53:36 | 000,061,841 | ---- | C] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\----?-?-?.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\----乕-乕-昞.jpg
[2006/01/01 04:36:47 | 000,167,142 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?-?.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕-嘆.jpg
[2006/01/01 04:36:47 | 000,151,237 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.4.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.4.jpg
[2006/01/01 04:36:47 | 000,138,175 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.2.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.2.jpg
[2006/01/01 04:36:47 | 000,130,512 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.0.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.0.jpg
[2006/01/01 04:36:47 | 000,127,638 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.5.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.5.jpg
[2006/01/01 04:36:47 | 000,112,562 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.1.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.1.jpg
[2006/01/01 04:36:47 | 000,109,974 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.jpg
[2006/01/01 04:36:47 | 000,098,635 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\?---?--.3.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\億---乕--.3.jpg
[2006/01/01 04:36:47 | 000,061,841 | ---- | M] ()(C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\----?-?-?.jpg) -- C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\----乕-乕-昞.jpg
< End of report >
Code:
OTL Extras logfile created on: 7/28/2011 12:30:37 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 77.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111.78 Gb Total Space | 3.01 Gb Free Space | 2.69% Space Free | Partition Type: NTFS
Drive D: | 1.92 Gb Total Space | 0.05 Gb Free Space | 2.34% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Danware Data\NetOp Remote Control\HOST\Nhstw32.exe" = C:\Programme\Danware Data\NetOp Remote Control\HOST\Nhstw32.exe:*:Enabled:NetOp Host -- (Danware Data A/S)
"C:\Programme\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe" = C:\Programme\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe:*:Enabled:NetOp Guest -- (Danware Data A/S)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\G DATA\AVKClient\AVKAgent.exe" = C:\Programme\G DATA\AVKClient\AVKAgent.exe:LocalSubNet:Enabled:AntiVirenKit Client
"C:\Programme\Danware Data\NetOp Remote Control\HOST\Nhstw32.exe" = C:\Programme\Danware Data\NetOp Remote Control\HOST\Nhstw32.exe:*:Enabled:NetOp Host -- (Danware Data A/S)
"C:\Programme\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe" = C:\Programme\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe:*:Enabled:NetOp Guest -- (Danware Data A/S)
"C:\Programme\G DATA\AVKClient\AVKCl.exe" = C:\Programme\G DATA\AVKClient\AVKCl.exe:LocalSubNet:Enabled:G DATA AntiVirus Client -- (G DATA Software AG)
"C:\Programme\DNA\btdna.exe" = C:\Programme\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\Hetalia\YoutubeToMp3_Setup.exe" = C:\Dokumente und Einstellungen\Sandra\Eigene Dateien\Hetalia\YoutubeToMp3_Setup.exe:*:Enabled:Youtube To MP3
"C:\Programme\Electronic Arts\EADM\Core.exe" = C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{182ACEA4-834A-4C60-AA55-E979EDFBBA3E}" = Harry Potter Creative CD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B343C8C-F170-4829-8481-E163317C5830}" = iTunes
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}" = Adobe Creative Suite 3 Design Premium
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5518E08A-2053-4A3E-85B2-F912D4666C9F}" = Adobe Setup
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8690891C-DD95-E081-CE42-71C64761AFA3}" = DOGS DIARY
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9985ABB2-14F3-4825-B5AF-0EFB23F715CB}" = Badongo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F58E04CD-6E76-43C8-AAF1-482225C2910E}" = Xml Viewer
"{F9C38440-0B01-11D4-9F43-005004450C82}" = G DATA AntiVirus Client
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.6 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_816" = Adobe Acrobat 8.1.6 - CPSID_49167
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_061850775b1c6d22bf2a145678e05e0" = Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11 Application" = Broadcom Wireless-Dienstprogramm
"Broadcom 802.11b Network Adapter" = Broadcom 802.11-WLAN-Adapter
"com.adobe.example.diary.AC2D34E49418B393981766FA31245F1D30E4A56D.1" = DOGS DIARY
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"divx650vfw_is1" = DivX Pro 6.8.0 VFW
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"Encarta Encyclopedia 2000 D" = Microsoft Encarta Enzyklopädie 2000
"Encarta Research Organizer 2000 D" = Microsoft Encarta Recherche-Planer
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Haihaisoft Universal Player" = Haihaisoft Universal Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"MSNINST" = MSN
"NetOp Guest and Host" = NetOp Guest und Host
"Opera 11.11.2109" = Opera 11.11
"PROSet" = Intel(R) PRO Network Connections Drivers
"RMVB Player_is1" = RMVB Player 1.0
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xilisoft YouTube Video Converter" = Xilisoft YouTube Video Converter
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\Sandra_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
< End of report >
I hope everything is correct so far.
And is it even possible to install CCleaner if I can't access my normal Windows? Right now I can only access my PC by booting from the OTLPE CD. I'm only sitting here at my father's laptop. |