PhoeniXxx | 24.12.2011 14:15 | Guten Morgen.
Als erstes möchte ich Ihnen danken kira für die schnelle Hilfe. Echt super! =)
Aktueller Stand: Ich habe nun heute morgen noch einmal die Kaspersky Rescue Disc 10 geupdatet. Den Scan noch einmal durch laufen lassen und siehe da, er hat 2 weitere Schädlinge entdeckt, die ich dann auch neutralisieren konnte. Es handelte sich dabei zum Glück um die für den Trojaner wichtige .dll* Datei. Als ich dann Windows startete, wollte sich der Trojaner initialisieren, aber ich bekam eine Fehlermeldung, dass besagte .dll* nicht gefunden wurde. Somit konnte sich der Trojaner nicht starten. Jedoch ist momentan der Task Manager immer noch ausgeschaltet.
Nun meine Bitte, da ich die Windows Oberfläche wieder komplett benutzen kann, was ich mit welchem Programm scannen soll, damit Sie mir bei der Bereinigung weiterhelfen können. Als erstes dachte ich, fange ich an ein OTL Log zu erstellen.
MfG PhoeniXxx
Hier nun die LogFiles vom OTL Scan
OTL.txt Code:
OTL logfile created on: 24.12.2011 14:31:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\CryptFiles
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 71,84% Memory free
8,95 Gb Paging File | 7,95 Gb Available in Paging File | 88,79% Paging File free
Paging file location(s): C:\pagefile.sys 6000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 29,29 Gb Total Space | 10,82 Gb Free Space | 36,94% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 14,90 Gb Free Space | 15,26% Space Free | Partition Type: NTFS
Drive E: | 26,43 Gb Total Space | 5,51 Gb Free Space | 20,86% Space Free | Partition Type: NTFS
Computer Name: REMOTE | User Name: Remoter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.24 14:27:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\CryptFiles\OTL.exe
PRC - [2011.11.27 10:43:35 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.08.16 14:07:14 | 003,077,528 | ---- | M] () -- D:\Programme\Pando Networks\Media Booster\PMB.exe
PRC - [2011.07.01 18:45:49 | 000,484,008 | ---- | M] (Avira GmbH) -- d:\Programme\Avira\AntiVir Desktop\avscan.exe
PRC - [2011.07.01 18:45:49 | 000,269,480 | ---- | M] (Avira GmbH) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.29 14:36:00 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.08 16:41:37 | 000,119,608 | ---- | M] (ICQ, LLC.) -- D:\Programme\ICQ7.4\ICQ.exe
PRC - [2010.11.26 23:54:44 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- D:\Programme\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2008.06.18 11:01:56 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.07 12:28:02 | 000,143,360 | ---- | M] () -- D:\Programme\Razer\Lycosa\razertra.exe
PRC - [2007.11.20 15:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- D:\Programme\Razer\Lycosa\razerhid.exe
PRC - [2005.04.01 18:02:34 | 000,215,040 | ---- | M] () -- D:\Programme\HDD Thermometer\HDD Thermometer.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.27 10:43:34 | 001,989,592 | ---- | M] () -- D:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.11.19 11:19:38 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.08.16 14:07:14 | 003,077,528 | ---- | M] () -- D:\Programme\Pando Networks\Media Booster\PMB.exe
MOD - [2010.08.10 00:01:06 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2010.01.28 12:57:53 | 000,355,688 | ---- | M] () -- D:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.06.19 18:35:36 | 000,333,288 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\sqlite3.dll
MOD - [2008.03.05 10:34:32 | 000,795,520 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\Plugins\Fennel.dll
MOD - [2008.03.04 15:52:00 | 000,790,392 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\Plugins\Chai.dll
MOD - [2008.02.26 12:04:40 | 000,717,176 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\Plugins\Mate.dll
MOD - [2008.01.07 12:28:02 | 000,143,360 | ---- | M] () -- D:\Programme\Razer\Lycosa\razertra.exe
MOD - [2007.12.24 02:05:00 | 000,121,344 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
MOD - [2005.04.01 18:02:34 | 000,215,040 | ---- | M] () -- D:\Programme\HDD Thermometer\HDD Thermometer.exe
========== Win32 Services (SafeList) ==========
SRV - [2011.07.01 18:45:49 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.29 14:36:00 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.02.10 14:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- D:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2006.10.26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2011.12.24 14:05:14 | 000,024,944 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2011.07.28 23:20:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.07.01 18:45:49 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 18:45:49 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.01 16:29:47 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.01 16:14:32 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.01 16:14:32 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.09.28 02:17:56 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009.08.22 19:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Tools\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 10:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.06 18:34:30 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.07.03 10:03:14 | 004,745,216 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.18 04:23:38 | 003,692,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.06.16 15:08:42 | 000,109,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008.01.18 13:43:16 | 000,016,128 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2008.01.09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.10.11 11:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.10 14:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006.10.06 02:00:00 | 000,014,976 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avmunet.sys -- (AVMUNET)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.demonews.de/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Tools\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2011.11.27 10:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.10.28 21:53:13 | 000,000,000 | ---D | M]
[2009.02.04 19:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Mozilla\Extensions
[2010.10.30 11:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Mozilla\Firefox\Profiles\gmiqlm4x.default\extensions
[2011.02.19 12:44:00 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2011.11.27 10:43:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Programme\mozilla firefox\components\browsercomps.dll
[2011.02.19 00:58:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2009.04.08 03:06:28 | 000,122,880 | ---- | M] (AB) -- D:\Programme\mozilla firefox\plugins\NPOP7PlugIn.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- D:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011.10.01 17:38:46 | 000,001,392 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.01 17:38:46 | 000,002,252 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.01 17:38:46 | 000,001,153 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 17:38:45 | 000,006,805 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 17:38:45 | 000,001,178 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 17:38:45 | 000,001,105 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.12.23 23:01:45 | 000,440,238 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15136 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EasyTuneVPro] C:\Programme\GIGABYTE\ET5Pro\ETcall.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Lycosa] D:\Programme\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Pando Media Booster] D:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RSD_HDDThermo] D:\Programme\HDD Thermometer\HDD Thermometer.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = D:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: FreshDownload - {B91B7D41-61B4-4FC9-AD38-57D55CDF6FBF} - D:\Tools\FreshDevices\FreshDownload\fd.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range37 ([*] in Lokales Intranet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DF0934B-8150-4685-A0EE-34F1241E9313}: DhcpNameServer = 192.168.179.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D7F4447-3675-45B9-A294-BD4DBD2FED60}: DhcpNameServer = 192.168.179.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C491D7B9-3D75-4169-A096-984E9397A939}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Remoter\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Remoter\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.04 18:04:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{365c903e-f385-11dd-8863-001fd0a38c23}\Shell - "" = AutoRun
O33 - MountPoints2\{365c903e-f385-11dd-8863-001fd0a38c23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{365c903e-f385-11dd-8863-001fd0a38c23}\Shell\AutoRun\command - "" = G:\preinst.exe
O33 - MountPoints2\{5205d17c-0fda-11de-8894-00040e806620}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\{f8c97d84-f2f7-11dd-8861-00040e806620}\Shell - "" = AutoRun
O33 - MountPoints2\{f8c97d84-f2f7-11dd-8861-00040e806620}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f8c97d84-f2f7-11dd-8861-00040e806620}\Shell\AutoRun\command - "" = G:\AUTOSTARTER.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.24 03:42:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Remoter\Recent
[2011.12.23 23:18:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Remoter\Eigene Dateien\Assassin's Creed Revelations
[2011.12.23 22:56:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Ubisoft
[2011.12.09 04:34:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Remoter\Eigene Dateien\WB Games
[2011.12.09 04:31:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WB Games
[2011.12.09 03:07:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Games for Windows Marketplace
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.24 14:05:14 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2011.12.24 14:03:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.24 03:41:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.23 23:25:39 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\Remoter\Startmenü\Programme\Autostart\wpbt0.dll.lnk
[2011.12.23 23:16:47 | 000,000,772 | ---- | M] () -- C:\Dokumente und Einstellungen\Remoter\Desktop\Assassins Creed Revelations.lnk
[2011.12.23 23:01:45 | 000,440,238 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.23 23:01:26 | 000,440,238 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111223-230145.backup
[2011.12.22 18:03:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.10 13:42:07 | 000,458,732 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.12.10 13:42:07 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.10 13:42:07 | 000,084,704 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.12.10 13:42:07 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.09 10:51:45 | 000,146,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.09 04:31:46 | 000,001,781 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Batman Arkham City™.lnk
[2011.12.03 13:38:23 | 000,140,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.12.03 13:38:19 | 000,280,736 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.11.26 15:16:25 | 000,000,207 | ---- | M] () -- C:\Dokumente und Einstellungen\Remoter\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2011.11.26 13:06:30 | 000,280,736 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.23 23:25:39 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Remoter\Startmenü\Programme\Autostart\wpbt0.dll.lnk
[2011.12.23 23:16:47 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Remoter\Desktop\Assassins Creed Revelations.lnk
[2011.12.09 04:31:46 | 000,001,781 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Batman Arkham City™.lnk
[2011.12.09 03:07:09 | 000,001,085 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Live ID.lnk
[2011.11.26 15:16:25 | 000,000,207 | ---- | C] () -- C:\Dokumente und Einstellungen\Remoter\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2011.08.16 16:18:38 | 000,016,352 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.07.28 16:49:12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.01.08 18:17:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\drD3D.ini
[2010.12.11 16:21:40 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010.12.11 01:30:40 | 000,000,307 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.08.28 11:31:13 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\PnkBstrK.sys
[2010.08.28 11:30:48 | 002,444,656 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_apb.exe
[2010.06.30 15:27:21 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.06.30 15:27:21 | 000,234,855 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.30 15:27:21 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.12.26 23:31:13 | 000,140,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.12.26 23:31:04 | 000,280,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.12.26 23:30:59 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.12.08 19:37:49 | 000,117,571 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2009.10.04 19:20:53 | 000,000,531 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009.10.01 16:14:32 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.10.01 16:14:31 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.09.28 02:19:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.04.04 17:17:37 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009.04.04 16:30:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.02.04 22:31:59 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.04 22:01:09 | 000,064,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Remoter\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.04 21:24:28 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.02.04 20:34:31 | 000,081,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009.02.04 19:40:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.02.04 19:35:32 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009.02.04 18:40:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.02.04 18:38:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.02.04 18:06:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.02.04 18:02:43 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.02.04 17:56:25 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.02.04 17:55:13 | 000,146,808 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.11.10 14:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2002.08.29 02:54:14 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.08.31 23:15:44 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.31 23:15:44 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.18 20:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.18 20:00:00 | 000,458,732 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.18 20:00:00 | 000,440,820 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.18 20:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.18 20:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.18 20:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.18 20:00:00 | 000,084,704 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.18 20:00:00 | 000,071,138 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.18 20:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.18 20:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.18 20:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.18 20:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2011.04.15 17:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2010.03.01 19:56:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2011.04.15 17:04:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2011.10.03 05:46:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Codemasters
[2009.10.01 16:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.10.30 22:36:14 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DSS
[2011.12.24 14:04:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HDD Thermometer
[2011.08.16 16:55:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2009.07.26 22:46:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Razer
[2011.04.22 15:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.01.09 00:01:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010.11.05 12:15:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.15 02:44:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Bioshock2
[2009.06.20 14:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\BlackBean
[2009.10.01 16:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\DAEMON Tools
[2011.08.19 16:51:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\DAEMON Tools Lite
[2010.06.03 17:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.09.27 19:50:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\GetRight
[2010.12.19 22:56:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\GetRightToGo
[2009.02.04 19:38:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\HDD Thermometer
[2011.12.23 13:47:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\ICQ
[2011.08.16 15:38:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\LolClient
[2010.09.10 22:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Mount&Blade Warband
[2010.03.25 20:13:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Publish Providers
[2011.04.22 15:45:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\PunkBuster
[2009.12.17 14:59:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Replay Explorer
[2011.11.18 21:12:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\RIFT
[2010.03.25 20:13:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Sony
[2011.04.01 19:52:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\The Creative Assembly
[2009.10.08 18:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Tropico 3
[2011.08.18 21:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\TS3Client
[2011.04.22 15:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Ubisoft
[2009.11.27 21:01:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Wargaming.Net
[2010.01.09 00:01:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Remoter\Anwendungsdaten\Zylom
========== Purity Check ==========
< End of report > Extras.txt Code:
OTL Extras logfile created on: 24.12.2011 14:31:32 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\CryptFiles
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 71,84% Memory free
8,95 Gb Paging File | 7,95 Gb Available in Paging File | 88,79% Paging File free
Paging file location(s): C:\pagefile.sys 6000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 29,29 Gb Total Space | 10,82 Gb Free Space | 36,94% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 14,90 Gb Free Space | 15,26% Space Free | Partition Type: NTFS
Drive E: | 26,43 Gb Total Space | 5,51 Gb Free Space | 20,86% Space Free | Partition Type: NTFS
Computer Name: REMOTE | User Name: Remoter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- D:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- D:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"56105:TCP" = 56105:TCP:*:Enabled:Pando Media Booster
"56105:UDP" = 56105:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56105:TCP" = 56105:TCP:*:Enabled:Pando Media Booster
"56105:UDP" = 56105:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.4\ICQ.exe" = D:\Programme\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe" = D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II-Spiel
"D:\Games\Dragon Age 2\DragonAge2Launcher.exe" = D:\Games\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II-Launcher
"D:\Programme\Pando Networks\Media Booster\PMB.exe" = D:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\ICQ6\ICQ.exe" = D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6
"D:\Programme\ICQ6\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"D:\Tools\Garena\Garena.exe" = D:\Tools\Garena\Garena.exe:*:Enabled:Garena
"D:\Games\Warcraft III\Frozen Throne.exe" = D:\Games\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne -- (Blizzard Entertainment)
"D:\Games\Heroes of Newerth\hon.exe" = D:\Games\Heroes of Newerth\hon.exe:*:Enabled:Play Heroes of Newerth -- (S2 Games)
"D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"D:\Programme\ICQ7.4\ICQ.exe" = D:\Programme\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"D:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe" = D:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer
"D:\Programme\Pando Networks\Media Booster\PMB.exe" = D:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Games\Steam\steamapps\common\dirt 2\dirt2.exe" = D:\Games\Steam\steamapps\common\dirt 2\dirt2.exe:*:Enabled:DiRT 2 -- (Sony DADC Austria AG)
"E:\Games\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe" = E:\Games\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City™ -- (Rocksteady Studios Ltd.)
"D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe:*:Enabled:Call of Duty: Modern Warfare 3 -- ()
"D:\Games\Steam\steamapps\common\total war shogun 2\Shogun2.exe" = D:\Games\Steam\steamapps\common\total war shogun 2\Shogun2.exe:*:Enabled:Total War: SHOGUN 2 -- (The Creative Assembly Ltd)
"D:\Games\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html" = D:\Games\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html:*:Enabled:Total War: SHOGUN 2 -- ()
"D:\Games\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat" = D:\Games\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat:*:Enabled:Total War: SHOGUN 2 -- ()
"D:\Games\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat" = D:\Games\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat:*:Enabled:Total War: SHOGUN 2 -- ()
"D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe" = D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe:*:Enabled:Call of Duty: Modern Warfare 3 - Dedicated Server -- ()
"D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = D:\Games\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe:*:Enabled:Call of Duty: Modern Warfare 3 - Multiplayer -- ()
"D:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = D:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"D:\Games\Ubisoft\Assassin's Creed Revelations\ACRSP.exe" = D:\Games\Ubisoft\Assassin's Creed Revelations\ACRSP.exe:*:Enabled:Assassin's Creed Revelations -- ()
"D:\Games\Ubisoft\Assassin's Creed Revelations\ACRMP.exe" = D:\Games\Ubisoft\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer -- ()
"D:\Games\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe" = D:\Games\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe:*:Enabled:Assassin's Creed Revelations Update -- (Ubisoft)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{31D6277B-5BFA-403D-B637-8779D9D4B5F4}" = ATI RADEON 8500 Bubbles Screen Saver v1.1
"{338A8172-DD69-4D83-9CC8-4420561F15B0}" = ATI RADEON 8500 Tubes Screen Saver v1.1
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38979A0F-DF38-4CDA-89DA-35E49C8A452C}" = AMD Catalyst Install Manager
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C37FA93-10B5-4F55-A672-954ECEDA221B}_is1" = Mass Effect - English 2 German Patch v.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7323EFB7-865D-4E3C-8F6E-89C7F902DBE5}" = ATI RADEON 9800 Caves Screen Saver v1.1
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1D76CDF-3161-449E-AFC3-0F77381481C0}" = ATI RADEON 8500 Ocean Screen Saver v1.1
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF110019-D640-4252-9DD7-99C7CB684E9F}" = ATI RADEON 9700 Bacteria Screen Saver v1.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.149
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2AD071E-2E86-4E8A-AA66-E8E222F84CDE}_is1" = Replay Explorer 3.0.2
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"593AFD5277FA19E67C70E56534B45B0DDD9ED9FE" = Windows Driver Package - Razer (HidUsb) HIDClass (01/11/2007 1.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"EasyTune5Pro" = EasyTune5Pro
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"Grundbegriffe der Taktik" = Grundbegriffe der Taktik
"HDD Thermometer" = HDD Thermometer
"hon" = Heroes of Newerth
"ie8" = Windows Internet Explorer 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"IrfanView" = IrfanView (remove only)
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"OpenAL" = OpenAL
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.6.5
"PunkBusterSvc" = PunkBuster Services
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SpeedFan" = SpeedFan (remove only)
"Steam App 12840" = DiRT 2
"Steam App 215" = Source SDK Base 2006
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 590" = Left 4 Dead 2 Demo
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xp-AntiSpy" = xp-AntiSpy 3.97
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.08.2010 13:07:29 | Computer Name = REMOTE | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 27.08.2010 15:15:57 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:16:21 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:16:25 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:17:04 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:17:16 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:20:27 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:20:51 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:21:14 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:27:09 | Computer Name = REMOTE | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
[ Application Events ]
Error - 27.08.2010 13:07:29 | Computer Name = REMOTE | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 27.08.2010 15:15:57 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:16:21 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:16:25 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:17:04 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:17:16 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:20:27 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:20:51 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:21:14 | Computer Name = REMOTE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung keytro.exe, Version 0.0.0.0, fehlgeschlagenes
Modul keytro.exe, Version 0.0.0.0, Fehleradresse 0x0000bdca.
Error - 27.08.2010 15:27:09 | Computer Name = REMOTE | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
[ System Events ]
Error - 08.12.2011 23:32:37 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 08.12.2011 23:32:47 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 09.12.2011 21:37:04 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 21.12.2011 21:18:01 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 21.12.2011 21:18:05 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 22.12.2011 17:02:43 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 22.12.2011 17:02:49 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 23.12.2011 17:18:30 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 23.12.2011 17:18:42 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 23.12.2011 17:20:51 | Computer Name = REMOTE | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
< End of report > |