pannenmann | 30.06.2010 10:53 | Here is the OTS log:
Part 1: Quote:
[code]
OTS logfile created on: 30.06.2010 11:42:37 - Run 1
OTS by OldTimer - Version 3.1.31.2 Folder = C:\Users\Klaus\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 66,27 Gb Free Space | 51,78% Space Free | Partition Type: NTFS
Drive D: | 170,10 Gb Total Space | 63,43 Gb Free Space | 37,29% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KLAUS-PC
Current User Name: Klaus
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Users\Klaus\Desktop\OTS.exe -> [2010.06.30 11:40:54 | 000,640,000 | ---- | M | MD5 = 7435934B1FB04E0839ECB930A6A18CC6] (OldTimer Tools)
firefox.exe -> C:\Programme\Mozilla Firefox\firefox.exe -> [2010.06.28 01:26:58 | 000,910,296 | ---- | M | MD5 = 8FC4306F0FFAA592BBA29F9273293D22] (Mozilla Corporation)
plugin-container.exe -> C:\Programme\Mozilla Firefox\plugin-container.exe -> [2010.06.28 01:26:58 | 000,014,808 | ---- | M | MD5 = A0002BED9AAB2644437CA4C973AD3AF1] (Mozilla Corporation)
dwengine.exe -> C:\Programme\Common Files\Doctor Web\Scanning Engine\dwengine.exe -> [2010.06.21 16:50:18 | 001,628,504 | ---- | M | MD5 = EF82CCA9650ABE38880D799913DD18B6] (Doctor Web, Ltd.)
icq service.exe -> C:\Programme\ICQ6Toolbar\ICQ Service.exe -> [2010.06.02 16:58:20 | 000,246,520 | ---- | M | MD5 = 5C7D72EAB04B1DF8C5D2ACC6551FDE49] ()
pwrisovm.exe -> C:\Programme\PowerISO\PWRISOVM.EXE -> [2010.04.12 10:40:16 | 000,180,224 | ---- | M | MD5 = AA16204FD1F75637E8EAEB593A8FA597] (PowerISO Computing, Inc.)
frwl_notify.exe -> C:\Programme\DrWeb\frwl_notify.exe -> [2010.03.15 10:03:22 | 002,600,200 | ---- | M | MD5 = 16DB89EAEB4024116EB72DB5F1A8C0F4] (Doctor Web, Ltd.)
spideragent.exe -> C:\Programme\DrWeb\spideragent.exe -> [2010.03.10 18:09:00 | 001,314,032 | ---- | M | MD5 = 5CFDBBFF3E160A9C31BA1AAE19A45178] (Doctor Web, Ltd.)
ssscheduler.exe -> C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe -> [2010.01.15 14:49:20 | 000,255,536 | ---- | M | MD5 = 89F7C30A91E5581BDF14C62AB46A2B2D] (McAfee, Inc.)
explorer.exe -> C:\Windows\explorer.exe -> [2009.10.31 07:45:39 | 002,614,272 | ---- | M | MD5 = 2626FC9755BE22F805D3CFA0CE3EE727] (Microsoft Corporation)
photoshopelementsfileagent.exe -> C:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009.10.09 06:45:56 | 000,169,312 | ---- | M | MD5 = 34400005DE52842C4D6D4EE978B4D7CE] (Adobe Systems Incorporated)
avguard.exe -> C:\Programme\Avira\AntiVir Desktop\avguard.exe -> [2009.07.21 15:34:28 | 000,185,089 | ---- | M | MD5 = B8720A787C1223492E6F319465E996CE] (Avira GmbH)
wmpnetwk.exe -> C:\Programme\Windows Media Player\wmpnetwk.exe -> [2009.07.14 03:14:47 | 001,121,280 | ---- | M | MD5 = 77FBD400984CF72BA0FC4B3489D65F74] (Microsoft Corporation)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2009.07.14 03:14:42 | 000,049,152 | ---- | M | MD5 = 8F4F5A5C1BAE72CE6EAEEA1CA3F98CA2] (Microsoft Corporation)
sched.exe -> C:\Programme\Avira\AntiVir Desktop\sched.exe -> [2009.05.13 17:48:18 | 000,108,289 | ---- | M | MD5 = 9015BC03F62940527EC92D45EE89E46F] (Avira GmbH)
avgnt.exe -> C:\Programme\Avira\AntiVir Desktop\avgnt.exe -> [2009.03.02 14:08:43 | 000,209,153 | ---- | M | MD5 = 29680A793F690EEF4AAA68479D2A6DF8] (Avira GmbH)
ctaudsvc.exe -> C:\Programme\Creative\Shared Files\CTAudSvc.exe -> [2008.11.18 14:15:30 | 000,307,200 | ---- | M | MD5 = 69CDBA2B9C397E349A04FA70DD9170A2] (Creative Technology Ltd)
groovemonitor.exe -> C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe -> [2008.10.25 11:44:34 | 000,031,072 | ---- | M | MD5 = 644795F6985C740F5E36E9336B837D0B] (Microsoft Corporation)
[Modules - Safe List]
ots.exe -> C:\Users\Klaus\Desktop\OTS.exe -> [2010.06.30 11:40:54 | 000,640,000 | ---- | M | MD5 = 7435934B1FB04E0839ECB930A6A18CC6] (OldTimer Tools)
sspicli.dll -> C:\Windows\System32\sspicli.dll -> [2009.07.14 03:16:15 | 000,099,840 | ---- | M | MD5 = 3450BB5465D61E8876FD3006F772DEA9] (Microsoft Corporation)
sechost.dll -> C:\Windows\System32\sechost.dll -> [2009.07.14 03:16:13 | 000,092,160 | ---- | M | MD5 = CFC97F07904067A1E5FAE195D534DA3A] (Microsoft Corporation)
samcli.dll -> C:\Windows\System32\samcli.dll -> [2009.07.14 03:16:13 | 000,050,688 | ---- | M | MD5 = 742AA02BD9FA3492C9E525BBD427D87D] (Microsoft Corporation)
profapi.dll -> C:\Windows\System32\profapi.dll -> [2009.07.14 03:16:12 | 000,031,744 | ---- | M | MD5 = C733D233B623B7FFCE5031E4B756EE26] (Microsoft Corporation)
netutils.dll -> C:\Windows\System32\netutils.dll -> [2009.07.14 03:16:03 | 000,022,016 | ---- | M | MD5 = C6BB27D9A8AC13D4A44486F528B5C884] (Microsoft Corporation)
kernelbase.dll -> C:\Windows\System32\KernelBase.dll -> [2009.07.14 03:15:35 | 000,288,256 | ---- | M | MD5 = B03C89367C03C19A742482DC78904DD0] (Microsoft Corporation)
dwmapi.dll -> C:\Windows\System32\dwmapi.dll -> [2009.07.14 03:15:13 | 000,067,072 | ---- | M | MD5 = 39C5F32747B3414D1BB216FDB1DEFC58] (Microsoft Corporation)
devobj.dll -> C:\Windows\System32\devobj.dll -> [2009.07.14 03:15:11 | 000,064,512 | ---- | M | MD5 = CC4ED8BEA78B0DCA6F217E014C3291A7] (Microsoft Corporation)
cryptbase.dll -> C:\Windows\System32\cryptbase.dll -> [2009.07.14 03:15:07 | 000,036,864 | ---- | M | MD5 = F08F6FCD09F9BE94C37ACC1B344685FF] (Microsoft Corporation)
cfgmgr32.dll -> C:\Windows\System32\cfgmgr32.dll -> [2009.07.14 03:15:02 | 000,145,920 | ---- | M | MD5 = 15B94E4AC75C9295275BDC9A1D7054C3] (Microsoft Corporation)
msscript.ocx -> C:\Windows\System32\msscript.ocx -> [2009.07.14 03:14:10 | 000,095,232 | ---- | M | MD5 = 6DF3EA6FB1D0521127377F454081ABEA] (Microsoft Corporation)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009.07.14 03:03:50 | 001,680,896 | ---- | M | MD5 = 0FA436A553408CBEBA070E3182658DE3] (Microsoft Corporation)
[Win32 Services - Safe List]
(DrWebEngine) Dr.Web Scanning Engine (DrWebEngine) [Auto | Running] -> C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe -> [2010.06.21 16:50:18 | 001,628,504 | ---- | M | MD5 = EF82CCA9650ABE38880D799913DD18B6] (Doctor Web, Ltd.)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Steam\SteamService.exe -> [2010.06.17 16:09:00 | 000,395,048 | ---- | M | MD5 = 9C6BAE20CC4E1CE253BB3942E32C1F5A] (Valve Corporation)
(ICQ Service) ICQ Service [Auto | Running] -> C:\Programme\ICQ6Toolbar\ICQ Service.exe -> [2010.06.02 16:58:20 | 000,246,520 | ---- | M | MD5 = 5C7D72EAB04B1DF8C5D2ACC6551FDE49] ()
(Apple Mobile Device) Apple Mobile Device [Auto | Stopped] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010.04.16 08:33:40 | 000,144,672 | ---- | M | MD5 = D503DF3ABA595F551B98B9BAE017A271] (Apple Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010.03.18 13:16:28 | 000,130,384 | ---- | M | MD5 = C5A75EB48E2344ABDC162BDA79E16841] (Microsoft Corporation)
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2010.03.17 17:38:34 | 000,867,080 | ---- | M | MD5 = ABEDFD48AC042C6AAAD32452E77217A1] (Acresso Software Inc.)
(McComponentHostService) McAfee Security Scan Component Host Service [On_Demand | Stopped] -> C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -> [2010.01.15 14:49:20 | 000,227,232 | ---- | M | MD5 = F453D1E6D881E8F8717E20CCD4199E85] (McAfee, Inc.)
(Creative Audio Engine Licensing Service) Creative Audio Engine Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -> [2009.11.02 00:21:24 | 000,079,360 | ---- | M | MD5 = C0EAD9F8AB83D41FF07303C75589C2B8] (Creative Labs)
(AdobeActiveFileMonitor8.0) Adobe Active File Monitor V8 [Auto | Running] -> C:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009.10.09 06:45:56 | 000,169,312 | ---- | M | MD5 = 34400005DE52842C4D6D4EE978B4D7CE] (Adobe Systems Incorporated)
(AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\avguard.exe -> [2009.07.21 15:34:28 | 000,185,089 | ---- | M | MD5 = B8720A787C1223492E6F319465E996CE] (Avira GmbH)
(WwanSvc) WWAN - automatische Konfiguration [On_Demand | Stopped] -> C:\Windows\System32\wwansvc.dll -> [2009.07.14 03:16:21 | 000,185,856 | ---- | M | MD5 = FF2D745B560F7C71B31F30F4D49F73D2] (Microsoft Corporation)
(WbioSrvc) Windows-Biometriedienst [On_Demand | Stopped] -> C:\Windows\System32\wbiosrvc.dll -> [2009.07.14 03:16:17 | 000,151,552 | ---- | M | MD5 = 9614B5D29DC76AC3C29F6D2D3AA70E67] (Microsoft Corporation)
(Power) Stromversorgung [Auto | Running] -> C:\Windows\System32\umpo.dll -> [2009.07.14 03:16:17 | 000,119,808 | ---- | M | MD5 = DBFF83F709A91049621C1D35DD45C92C] (Microsoft Corporation)
(Themes) Designs [Auto | Running] -> C:\Windows\System32\themeservice.dll -> [2009.07.14 03:16:16 | 000,037,376 | ---- | M | MD5 = 42FB6AFD6B79D9FE07381609172E7CA4] (Microsoft Corporation)
(sppuinotify) SPP-Benachrichtigungsdienst [On_Demand | Stopped] -> C:\Windows\System32\sppuinotify.dll -> [2009.07.14 03:16:15 | 000,053,760 | ---- | M | MD5 = D8E3E19EEBDAB49DD4A8D3062EAD4EC7] (Microsoft Corporation)
(StorSvc) Speicherdienst [On_Demand | Stopped] -> C:\Windows\System32\StorSvc.dll -> [2009.07.14 03:16:15 | 000,016,384 | ---- | M | MD5 = 0BF669F0A910BEDA4A32258D363AF2A5] (Microsoft Corporation)
(RpcEptMapper) RPC-Endpunktzuordnung [Unknown | Running] -> C:\Windows\System32\RpcEpMap.dll -> [2009.07.14 03:16:13 | 000,043,520 | ---- | M | MD5 = 78D072F35BC45D9E4E1B61895C152234] (Microsoft Corporation)
(SensrSvc) Adaptive Helligkeit [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009.07.14 03:16:13 | 000,025,088 | ---- | M | MD5 = 50087FE1EE447009C9CC2997B90DE53F] (Microsoft Corporation)
(PeerDistSvc) BranchCache [On_Demand | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009.07.14 03:16:12 | 001,004,544 | ---- | M | MD5 = AF4D64D2A57B9772CF3801950B8058A6] (Microsoft Corporation)
(PNRPsvc) Peer Name Resolution-Protokoll [On_Demand | Running] -> C:\Windows\System32\pnrpsvc.dll -> [2009.07.14 03:16:12 | 000,269,824 | ---- | M | MD5 = 82A8521DDC60710C3D3D3E7325209BEC] (Microsoft Corporation)
(p2pimsvc) Peernetzwerkidentitäts-Manager [On_Demand | Running] -> C:\Windows\System32\pnrpsvc.dll -> [2009.07.14 03:16:12 | 000,269,824 | ---- | M | MD5 = 82A8521DDC60710C3D3D3E7325209BEC] (Microsoft Corporation)
(HomeGroupProvider) Heimnetzgruppen-Anbieter [On_Demand | Running] -> C:\Windows\System32\provsvc.dll -> [2009.07.14 03:16:12 | 000,165,376 | ---- | M | MD5 = FB08DEC5EF43D0C66D83B8E9694E7549] (Microsoft Corporation)
(PNRPAutoReg) PNRP-Computernamenveröffentlichungs-Dienst [On_Demand | Stopped] -> C:\Windows\System32\pnrpauto.dll -> [2009.07.14 03:16:12 | 000,020,480 | ---- | M | MD5 = 63FF8572611249931EB16BB8EED6AFC8] (Microsoft Corporation)
(WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Programme\Windows Defender\MpSvc.dll -> [2009.07.14 03:15:41 | 000,680,960 | ---- | M | MD5 = 3FAE8F94296001C32EAB62CD7D82E0FD] (Microsoft Corporation)
(HomeGroupListener) Heimnetzgruppen-Listener [On_Demand | Running] -> C:\Windows\System32\ListSvc.dll -> [2009.07.14 03:15:36 | 000,194,560 | ---- | M | MD5 = A768CA158BB06782A2835B907F4873C3] (Microsoft Corporation)
(FontCache) Windows-Dienst für Schriftartencache [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009.07.14 03:15:21 | 000,797,696 | ---- | M | MD5 = B6512A85815FDC3D560C3705F5BDB93D] (Microsoft Corporation)
(Dhcp) DHCP-Client [Auto | Running] -> C:\Windows\System32\dhcpcore.dll -> [2009.07.14 03:15:11 | 000,253,440 | ---- | M | MD5 = C56495FBD770712367CAD35E5DE72DA6] (Microsoft Corporation)
(defragsvc) Defragmentierung [On_Demand | Stopped] -> C:\Windows\System32\defragsvc.dll -> [2009.07.14 03:15:10 | 000,218,624 | ---- | M | MD5 = 8D6E10A2D9A5EED59562D9B82CF804E1] (Microsoft Corporation)
(BDESVC) BitLocker-Laufwerkverschlüsselungsdienst [Unknown | Stopped] -> C:\Windows\System32\bdesvc.dll -> [2009.07.14 03:14:59 | 000,076,800 | ---- | M | MD5 = EE1E9C3BB8228AE423DD38DB69128E71] (Microsoft Corporation)
(AxInstSV) ActiveX-Installer (AxInstSV) [On_Demand | Stopped] -> C:\Windows\System32\AxInstSv.dll -> [2009.07.14 03:14:58 | 000,088,064 | ---- | M | MD5 = DD6A431B43E34B91A767D1CE33728175] (Microsoft Corporation)
(AppIDSvc) Anwendungsidentität [On_Demand | Stopped] -> C:\Windows\System32\appidsvc.dll -> [2009.07.14 03:14:53 | 000,027,648 | ---- | M | MD5 = 62A9C86CB6085E20DB4823E4E97826F5] (Microsoft Corporation)
(sppsvc) Software Protection [Auto | Stopped] -> C:\Windows\System32\sppsvc.exe -> [2009.07.14 03:14:29 | 003,179,520 | ---- | M | MD5 = 4C287F9069FEDBD791178876EE9DE536] (Microsoft Corporation)
(AntiVirSchedulerService) Avira AntiVir Planer [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2009.05.13 17:48:18 | 000,108,289 | ---- | M | MD5 = 9015BC03F62940527EC92D45EE89E46F] (Avira GmbH)
(CTAudSvcService) Creative Audio Service [Auto | Running] -> C:\Programme\Creative\Shared Files\CTAudSvc.exe -> [2008.11.18 14:15:30 | 000,307,200 | ---- | M | MD5 = 69CDBA2B9C397E349A04FA70DD9170A2] (Creative Technology Ltd)
[Driver Services - Safe List]
(DRWEBAF) DrWEB Firewall Application Filter [Kernel | System | Running] -> C:\Windows\System32\drivers\drwebaf.sys -> [2010.06.30 00:57:17 | 000,083,064 | ---- | M | MD5 = 5DB69F0EE53CE704D7FDCD4F58FE963D] (Doctor Web)
(DrWebPF) DrWeb Packet Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\DrWebPF.sys -> [2010.06.30 00:57:17 | 000,072,184 | ---- | M | MD5 = 49303F44C24A4B1A5CF8E0E009EAF5B7] (Doctor Web)
(SpiderG3) DrWeb file system scanner [File_System | Boot | Running] -> C:\Windows\system32\drivers\spiderg3.sys -> [2010.06.18 14:24:24 | 000,081,016 | ---- | M | MD5 = 09DA1B43994BF1F023DBBF8536A0D0E3] (Doctor Web, Ltd.)
(DwProt) DrWeb Protection [File_System | Boot | Running] -> C:\Windows\system32\drivers\dwprot.sys -> [2010.04.20 17:44:30 | 000,119,288 | ---- | M | MD5 = CDE066123A0A7B52369EA75CDD39A343] (Doctor Web, Ltd.)
(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\System32\drivers\scdemu.sys -> [2010.04.12 10:44:34 | 000,059,388 | ---- | M | MD5 = 20B2751CD4C8F3FD989739CA661B9F30] (PowerISO Computing, Inc.)
(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\ksecpkg.sys -> [2009.12.11 09:44:02 | 000,133,720 | ---- | M | MD5 = 365C6154BBBC5377173F1CA7BFB6CC59] (Microsoft Corporation)
(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\System32\drivers\avgntflt.sys -> [2009.12.07 21:03:19 | 000,056,816 | ---- | M | MD5 = 14FE36D8F2C6A2435275338D061A0B66] (Avira GmbH)
(sptd) sptd [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\sptd.sys -> [2009.11.01 23:49:59 | 000,691,696 | ---- | M | MD5 = CDDDEC541BC3C96F91ECB48759673505] (Duplex Secure Ltd.)
(P17) SB Audigy [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\P17.sys -> [2009.10.16 03:11:56 | 001,168,896 | ---- | M | MD5 = F2519D547A6AC2AFE0DF0DC826A085A7] (Creative Technology Ltd.)
(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atikmdag.sys -> [2009.07.21 18:31:44 | 004,450,816 | ---- | M | MD5 = 194A2261DAD9B766B1B7333A5DC26999] (ATI Technologies Inc.)
(cmdide) cmdide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\cmdide.sys -> [2009.07.14 03:26:21 | 000,015,952 | ---- | M | MD5 = C537B1DB64D495B9B4717B4D6D9EDBF2] (CMD Technology, Inc.)
(adpahci) adpahci [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adpahci.sys -> [2009.07.14 03:26:17 | 000,297,552 | ---- | M | MD5 = 0C676BC278D5B59FF5ABD57BBE9123F2] (Adaptec, Inc.)
(adp94xx) adp94xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adp94xx.sys -> [2009.07.14 03:26:15 | 000,422,976 | ---- | M | MD5 = 21E785EBD7DC90A06391141AAC7892FB] (Adaptec, Inc.)
(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdsbs.sys -> [2009.07.14 03:26:15 | 000,159,312 | ---- | M | MD5 = EA43AF0C423FF267355F74E7A53BDABA] (AMD Technologies Inc.)
(adpu320) adpu320 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adpu320.sys -> [2009.07.14 03:26:15 | 000,146,512 | ---- | M | MD5 = 7C7B5EE4B7B822EC85321FE23A27DB33] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\arcsas.sys -> [2009.07.14 03:26:15 | 000,086,608 | ---- | M | MD5 = 5D6F36C46FD283AE1B57BD2E9FEB0BC7] (Adaptec, Inc.)
(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdsata.sys -> [2009.07.14 03:26:15 | 000,079,952 | ---- | M | MD5 = 2101A86C25C154F8314B24EF49D7FBC2] (Advanced Micro Devices)
(arc) arc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\arc.sys -> [2009.07.14 03:26:15 | 000,076,368 | ---- | M | MD5 = 2932004F49677BD84DBC72EDB754FFB3] (Adaptec, Inc.)
(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\amdxata.sys -> [2009.07.14 03:26:15 | 000,023,616 | ---- | M | MD5 = B81C2B5616F6420A9941EA093A92B150] (Advanced Micro Devices)
(aliide) aliide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\aliide.sys -> [2009.07.14 03:26:15 | 000,014,400 | ---- | M | MD5 = 0D40BCF52EA90FC7DF2AEAB6503DEA44] (Acer Laboratories Inc.)
(nvstor) nvstor [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\nvstor.sys -> [2009.07.14 03:20:44 | 000,142,416 | ---- | M | MD5 = C99F251A5DE63C6F129CF71933ACED0F] (NVIDIA Corporation)
(nvraid) nvraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nvraid.sys -> [2009.07.14 03:20:44 | 000,117,312 | ---- | M | MD5 = 3F3D04B1D08D43C16EA7963954EC768D] (NVIDIA Corporation)
(nfrd960) nfrd960 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nfrd960.sys -> [2009.07.14 03:20:44 | 000,044,624 | ---- | M | MD5 = 1D85C4B390B0EE09C7A46B91EFB2C097] (IBM Corporation)
(LSI_SAS) LSI_SAS [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_sas.sys -> [2009.07.14 03:20:37 | 000,089,168 | ---- | M | MD5 = 8ADE1C877256A22E49B75D1CC9161F9C] (LSI Corporation)
(iaStorV) iaStorV [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\iaStorV.sys -> [2009.07.14 03:20:36 | 000,332,352 | ---- | M | MD5 = 934AF4D7C5F457B9F0743F4299B77B67] (Intel Corporation)
(MegaSR) MegaSR [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MegaSR.sys -> [2009.07.14 03:20:36 | 000,235,584 | ---- | M | MD5 = DCBAB2920C75F390CAF1D29F675D03D6] (LSI Corporation, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_scsi.sys -> [2009.07.14 03:20:36 | 000,096,848 | ---- | M | MD5 = 0A036C7D7CAB643A7F07135AC47E0524] (LSI Corporation)
(LSI_FC) LSI_FC [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_fc.sys -> [2009.07.14 03:20:36 | 000,095,824 | ---- | M | MD5 = EB119A53CCF2ACC000AC71B065B78FEF] (LSI Corporation)
(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_sas2.sys -> [2009.07.14 03:20:36 | 000,054,864 | ---- | M | MD5 = DC9DC3D3DAA0E276FD2EC262E38B11E9] (LSI Corporation)
(iirsp) iirsp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\iirsp.sys -> [2009.07.14 03:20:36 | 000,041,040 | ---- | M | MD5 = 4173FF5708F3236CF25195FECD742915] (Intel Corp./ICP vortex GmbH)
(megasas) megasas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\megasas.sys -> [2009.07.14 03:20:36 | 000,030,800 | ---- | M | MD5 = 0FFF5B045293002AB38EB1FD1FC2FB74] (LSI Corporation)
(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\hwpolicy.sys -> [2009.07.14 03:20:36 | 000,013,904 | ---- | M | MD5 = 8305F33CDE89AD6C7A0763ED0B5A8D42] (Microsoft Corporation)
(elxstor) elxstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\elxstor.sys -> [2009.07.14 03:20:28 | 000,453,712 | ---- | M | MD5 = 0ED67910C8C326796FAA00B2BF6D9D3C] (Emulex)
(aic78xx) aic78xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\djsvs.sys -> [2009.07.14 03:20:28 | 000,070,720 | ---- | M | MD5 = 8B30250D573A8F6B4BD23195160D8707] (Adaptec, Inc.)
(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\HpSAMD.sys -> [2009.07.14 03:20:28 | 000,067,152 | ---- | M | MD5 = 295FDC419039090EB8B49FFDBB374549] (Hewlett-Packard Company)
(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\fsdepends.sys -> [2009.07.14 03:20:28 | 000,046,160 | ---- | M | MD5 = 1A16B57943853E598CFF37FE2B8CBF1D] (Microsoft Corporation)
(vsmraid) vsmraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vsmraid.sys -> [2009.07.14 03:19:11 | 000,141,904 | ---- | M | MD5 = 9DFA0CC2F8855A04816729651175B631] (VIA Technologies Inc.,Ltd)
(vmbus) Bus des virtuellen Computers [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vmbus.sys -> [2009.07.14 03:19:10 | 000,175,824 | ---- | M | MD5 = 379B349F65F453D2A6E75EA6B7448E49] (Microsoft Corporation)
(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vhdmp.sys -> [2009.07.14 03:19:10 | 000,159,824 | ---- | M | MD5 = 3BE6E1F3A4F1AFEC8CEE0D7883F93583] (Microsoft Corporation)
(storflt) Filtertreiber zur Busbeschleunigung für den Datenträger des virtuellen Computers [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vmstorfl.sys -> [2009.07.14 03:19:10 | 000,040,896 | ---- | M | MD5 = 957E346CA948668F2496A6CCF6FF82CC] (Microsoft Corporation)
(vdrvroot) Enumerator-Treiber für Microsoft Virtual Drive [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vdrvroot.sys -> [2009.07.14 03:19:10 | 000,032,832 | ---- | M | MD5 = A059C4C3EDB09E07D21A8E5C0AABD3CB] (Microsoft Corporation)
(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\storvsc.sys -> [2009.07.14 03:19:10 | 000,028,224 | ---- | M | MD5 = D5751969DC3E4B88BF482AC8EC9FE019] (Microsoft Corporation)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\wimmount.sys -> [2009.07.14 03:19:10 | 000,019,008 | ---- | M | MD5 = 5CF95B35E59E2A38023836FFF31BE64C] (Microsoft Corporation)
(viaide) viaide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\viaide.sys -> [2009.07.14 03:19:10 | 000,016,976 | ---- | M | MD5 = E43574F6A56A0EE11809B48C09E4FD3C] (VIA Technologies, Inc.)
(ql2300) ql2300 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql2300.sys -> [2009.07.14 03:19:04 | 001,383,488 | ---- | M | MD5 = AB95ECF1F6659A60DDC166D8315B0751] (QLogic Corporation)
(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\System32\drivers\rdyboost.sys -> [2009.07.14 03:19:04 | 000,173,648 | ---- | M | MD5 = 4EA225BF1CF05E158853F30A99CA29A7] (Microsoft Corporation)
(ql40xx) ql40xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql40xx.sys -> [2009.07.14 03:19:04 | 000,106,064 | ---- | M | MD5 = B4DD51DD25182244B86737DC51AF2270] (QLogic Corporation)
(SiSRaid4) SiSRaid4 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\sisraid4.sys -> [2009.07.14 03:19:04 | 000,077,888 | ---- | M | MD5 = 3727097B55738E2F554972C3BE5BC1AA] (Silicon Integrated Systems)
(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\pcw.sys -> [2009.07.14 03:19:04 | 000,043,088 | ---- | M | MD5 = 250F6B43D2B613172035C6747AEEB19F] (Microsoft Corporation)
(SiSRaid2) SiSRaid2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\SiSRaid2.sys -> [2009.07.14 03:19:04 | 000,040,016 | ---- | M | MD5 = A9F0486851BECB6DDA1D89D381E71055] (Silicon Integrated Systems Corp.)
(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\stexstor.sys -> [2009.07.14 03:19:04 | 000,021,072 | ---- | M | MD5 = DB32D325C192B801DF274BFD12A7E72B] (Promise Technology)
(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\cng.sys -> [2009.07.14 03:17:54 | 000,369,568 | ---- | M | MD5 = 1B675691ED940766149C93E8F4488D68] (Microsoft Corporation)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Brserid.sys -> [2009.07.14 02:57:25 | 000,272,128 | ---- | M | MD5 = 845B8CE732E67F3B4133164868C666EA] (Brother Industries Ltd.)
(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rdpbus.sys -> [2009.07.14 02:02:41 | 000,018,944 | ---- | M | MD5 = 0D8F05481CB76E70E1DA06EE9F0DA9DF] (Microsoft Corporation)
(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\System32\drivers\RDPREFMP.sys -> [2009.07.14 02:01:41 | 000,007,168 | ---- | M | MD5 = 44B0A53CD4F27D50ED461DAE0C0B4E1F] (Microsoft Corporation)
(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\agilevpn.sys -> [2009.07.14 01:55:00 | 000,049,152 | ---- | M | MD5 = 57EC4AEF73660166074D8F7F31C0D4FD] (Microsoft Corporation)
(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\System32\drivers\wfplwf.sys -> [2009.07.14 01:53:51 | 000,009,728 | ---- | M | MD5 = 8B9A943F3B53861F2BFAF6C186168F79] (Microsoft Corporation)
(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ndiscap.sys -> [2009.07.14 01:52:44 | 000,027,136 | ---- | M | MD5 = 0E1787AA6C9191D3D319E8BAFE86F80C] (Microsoft Corporation)
(vwifibus) Virtueller WiFi-Bustreiber [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\vwifibus.sys -> [2009.07.14 01:52:02 | 000,019,968 | ---- | M | MD5 = 90567B1E658001E79D7C8BBD3DDE5AA6] (Microsoft Corporation)
(1394ohci) OHCI-konformer 1394-Hostcontroller [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\1394ohci.sys -> [2009.07.14 01:52:00 | 000,163,328 | ---- | M | MD5 = 6D2ACA41739BFE8CB86EE8E85F29697D] (Microsoft Corporation)
(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\umpass.sys -> [2009.07.14 01:51:35 | 000,008,192 | ---- | M | MD5 = 7550AD0C6998BA1CB4843E920EE0FEAC] (Microsoft Corporation)
(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mshidkmdf.sys -> [2009.07.14 01:51:08 | 000,004,096 | ---- | M | MD5 = 3E1E5767043C5AF9367F0056295E9F84] (Microsoft Corporation)
(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MTConfig.sys -> [2009.07.14 01:46:55 | 000,012,288 | ---- | M | MD5 = 33599130F44E1F34631CEA241DE8AC84] (Microsoft Corporation)
(CompositeBus) Busenumeratortreiber für Verbundgeräte [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CompositeBus.sys -> [2009.07.14 01:45:26 | 000,031,232 | ---- | M | MD5 = F1724BA27E97D627F808FB0BA77A28A6] (Microsoft Corporation)
(AppID) Anwendungs-ID-Treiber [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\appid.sys -> [2009.07.14 01:36:52 | 000,050,176 | ---- | M | MD5 = FEB834C02CE1E84B6A38F953CA067706] (Microsoft Corporation)
(scfilter) Filtertreiber für Smartcards der Plug & Play-Klasse [Kernel | Unknown | Stopped] -> C:\Windows\System32\drivers\scfilter.sys -> [2009.07.14 01:33:50 | 000,026,624 | ---- | M | MD5 = A95C54B2AC3CC9C73FCDF9E51A1D6B51] (Microsoft Corporation)
(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vms3cap.sys -> [2009.07.14 01:28:47 | 000,005,632 | ---- | M | MD5 = 5423D8437051E89DD34749F242C98648] (Microsoft Corporation)
(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\VMBusHID.sys -> [2009.07.14 01:28:45 | 000,017,920 | ---- | M | MD5 = EC2BBAB4B84D0738C6C83D2234DC36FE] (Microsoft Corporation)
(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\System32\drivers\discache.sys -> [2009.07.14 01:24:05 | 000,032,256 | ---- | M | MD5 = 1A050B0274BFB3890703D490F330C0DA] (Microsoft Corporation)
(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\HidBatt.sys -> [2009.07.14 01:19:21 | 000,021,504 | ---- | M | MD5 = 1D58A7F3E11A9731D0EAAAA8405ACC36] (Microsoft Corporation)
(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\acpipmi.sys -> [2009.07.14 01:16:36 | 000,009,728 | ---- | M | MD5 = 98D81CA942D19F7D9153B095162AC013] (Microsoft Corporation)
(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdppm.sys -> [2009.07.14 01:11:04 | 000,052,736 | ---- | M | MD5 = 3CBF30F5370FDA40DD3E87DF38EA53B6] (Microsoft Corporation)
(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\hcw85cir.sys -> [2009.07.14 00:54:14 | 000,026,624 | ---- | M | MD5 = C44E3C2BAB6837DB337DDEE7544736DB] (Hauppauge Computer Works, Inc.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrUsbMdm.sys -> [2009.07.14 00:53:33 | 000,012,160 | ---- | M | MD5 = BD456606156BA17E60A04E18016AE54B] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrUsbSer.sys -> [2009.07.14 00:53:33 | 000,011,904 | ---- | M | MD5 = AF72ED54503F717A43268B3CC5FAEC2E] (Brother Industries Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrSerWdm.sys -> [2009.07.14 00:53:32 | 000,062,336 | ---- | M | MD5 = 203F0B1E73ADADBBB7B7B1FABD901F6B] (Brother Industries Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\BrFiltLo.sys -> [2009.07.14 00:53:28 | 000,013,568 | ---- | M | MD5 = 9F9ACC7F7CCDE8A15C282D3F88B43309] (Brother Industries, Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\BrFiltUp.sys -> [2009.07.14 00:53:28 | 000,005,248 | ---- | M | MD5 = 56801AD62213A41F6497F96DEE83755A] (Brother Industries, Ltd.)
(NVENETFD) NVIDIA nForce-Netzwerkcontrollertreiber [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvm62x32.sys -> [2009.07.14 00:02:52 | 000,347,264 | ---- | M | MD5 = B5E37E31C053BC9950455A257526514B] (NVIDIA Corporation)
(b57nd60x) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\b57nd60x.sys -> [2009.07.14 00:02:49 | 000,229,888 | ---- | M | MD5 = BD8869EB9CDE6BBE4508D869929869EE] (Broadcom Corporation)
(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\evbdx.sys -> [2009.07.14 00:02:48 | 003,100,160 | ---- | M | MD5 = 024E1B5CAC09731E4D868E64DBFB4AB0] (Broadcom Corporation)
(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\bxvbdx.sys -> [2009.07.14 00:02:48 | 000,430,080 | ---- | M | MD5 = 1A231ABEC60FD316EC54C66715543CEC] (Broadcom Corporation)
(ssmdrv) ssmdrv [Kernel | System | Running] -> C:\Windows\System32\drivers\ssmdrv.sys -> [2009.05.11 11:12:20 | 000,028,520 | ---- | M | MD5 = 5EC550B8952882EE856B862CF648522D] (Avira GmbH)
(avipbb) avipbb [Kernel | System | Running] -> C:\Windows\System32\drivers\avipbb.sys -> [2009.03.30 11:33:03 | 000,096,104 | ---- | M | MD5 = 6D52060B59E7D79CD2A044B6ADD1F1EF] (Avira GmbH)
(avgio) avgio [Kernel | System | Running] -> C:\Programme\Avira\AntiVir Desktop\avgio.sys -> [2009.02.13 13:35:01 | 000,011,608 | ---- | M | MD5 = 0B497C79824F8E1BF22FA6AACD3DE3A0] (Avira GmbH)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Main\\"Default_Search_URL" -> hxxp://www.google.com/ie ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Main\\"Start Page" -> hxxp://web.de/ ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Main\\"Start Page Redirect Cache" -> hxxp://de.msn.com/?ocid=iehp ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Main\\"Start Page Redirect Cache AcceptLangs" -> de ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 0E C0 2D 2E 3B 5B CA 01 [binary data] ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Search\\"Default_Search_URL" -> hxxp://www.google.com/ie ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: Search\\"SearchAssistant" -> hxxp://www.google.com/ie ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: SearchURL\\"" -> hxxp://www.google.com/search?q=%s ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: URLSearchHooks\\"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: URLSearchHooks\\"{855F3B16-6D32-4fe6-8A56-BBB695989046}" [HKLM] -> C:\Programme\ICQ6Toolbar\ICQToolBar.dll [ICQToolBar] -> [2010.06.02 16:58:20 | 001,018,616 | ---- | M | MD5 = 2A21B1EBEFE3A69D1E071F93DF95E0AC] (ICQ)
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\Klaus\AppData\Roaming\Mozilla\FireFox\Profiles\lpflhio7.default\prefs.js ->
browser.search.defaultenginename -> "ICQ Search" ->
browser.search.selectedEngine -> "Google" ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "web.de" ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 ->
extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 ->
extensions.enabledItems -> moveplayer@movenetworks.com:1.0.0.071303000004 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 ->
extensions.enabledItems -> qtl.co.il@gmail.com:14.3 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
keyword.URL -> "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components -> C:\Programme\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010.06.28 01:26:59 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins -> C:\Programme\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010.06.28 01:26:59 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\Klaus\AppData\Roaming\mozilla\Extensions -> [2009.11.01 23:41:18 | 000,000,000 | ---D | M]
-> C:\Users\Klaus\AppData\Roaming\mozilla\Firefox\Profiles\lpflhio7.default\extensions -> [2010.06.29 12:29:16 | 000,000,000 | ---D | M]
Adblock Plus -> C:\Users\Klaus\AppData\Roaming\mozilla\Firefox\Profiles\lpflhio7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010.06.28 13:05:12 | 000,000,000 | ---D | M]
Greasemonkey -> C:\Users\Klaus\AppData\Roaming\mozilla\Firefox\Profiles\lpflhio7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} -> [2010.04.09 13:06:41 | 000,000,000 | ---D | M]
-> C:\Users\Klaus\AppData\Roaming\mozilla\Firefox\Profiles\lpflhio7.default\extensions\moveplayer@movenetworks.com -> [2009.11.07 15:06:13 | 000,000,000 | ---D | M]
-> C:\Users\Klaus\AppData\Roaming\mozilla\Firefox\Profiles\lpflhio7.default\extensions\qtl.co.il@gmail.com -> [2010.04.08 22:32:40 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > ->
icqplugin.xml -> C:\Users\Klaus\AppData\Roaming\Mozilla\FireFox\Profiles\lpflhio7.default\searchplugins\icqplugin.xml -> [2010.06.23 23:15:20 | 000,001,056 | ---- | M | MD5 = 84F774E26CB3ADC838721B3D91942B74] ()
qtl.xml -> C:\Users\Klaus\AppData\Roaming\Mozilla\FireFox\Profiles\lpflhio7.default\searchplugins\qtl.xml -> [2010.01.31 12:56:29 | 000,002,108 | ---- | M | MD5 = 739C3F43D1AC570F0D2C271068D871BB] ()
< FireFox Extensions [Program Folders] > ->
-> C:\Programme\Mozilla Firefox\extensions -> [2010.06.30 00:20:53 | 000,000,000 | ---D | M]
Java Console -> C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010.05.02 23:11:18 | 000,000,000 | ---D | M]
< HOSTS File > ([2010.06.30 01:39:46 | 000,000,808 | ---- | M | MD5 = D5962A4B076B66ED16917439FC22123B] - 22 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{855F3B16-6D32-4fe6-8A56-BBB695989046}" [HKLM] -> C:\Programme\ICQ6Toolbar\ICQToolBar.dll [ICQToolBar] -> [2010.06.02 16:58:20 | 001,018,616 | ---- | M | MD5 = 2A21B1EBEFE3A69D1E071F93DF95E0AC] (ICQ)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AppleSyncNotifier" -> C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> [2010.02.17 19:37:20 | 000,177,472 | ---- | M | MD5 = CB49CA5AAAE86FEAFA5FB0A60ADAB766] (Apple Inc.)
"avgnt" -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009.03.02 14:08:43 | 000,209,153 | ---- | M | MD5 = 29680A793F690EEF4AAA68479D2A6DF8] (Avira GmbH)
"Dr.Web Firewall" -> C:\Program Files\DrWeb\frwl_notify.exe ["C:\Program Files\DrWeb\frwl_notify.exe"] -> [2010.03.15 10:03:22 | 002,600,200 | ---- | M | MD5 = 16DB89EAEB4024116EB72DB5F1A8C0F4] (Doctor Web, Ltd.)
"P17RunE" -> C:\Windows\System32\P17RunE.dll [RunDll32 P17RunE.dll,RunDLLEntry] -> [2008.03.28 08:57:30 | 000,014,848 | ---- | M | MD5 = BC6B92E13EC81DE9C77FA1816CC325D6] (Creative Technology Ltd.)
"PWRISOVM.EXE" -> C:\Programme\PowerISO\PWRISOVM.EXE [C:\Program Files\PowerISO\PWRISOVM.EXE] -> [2010.04.12 10:40:16 | 000,180,224 | ---- | M | MD5 = AA16204FD1F75637E8EAEB593A8FA597] (PowerISO Computing, Inc.)
"SpIDerAgent" -> C:\Program Files\DrWeb\SpIDerAgent.exe ["C:\Program Files\DrWeb\SpIDerAgent.exe"] -> [2010.03.10 18:09:00 | 001,314,032 | ---- | M | MD5 = 5CFDBBFF3E160A9C31BA1AAE19A45178] (Doctor Web, Ltd.)
"SpIDerMail" -> C:\Program Files\DrWeb\spiderml.exe ["C:\Program Files\DrWeb\spiderml.exe" -autorun] -> [2010.06.03 13:49:52 | 001,541,360 | ---- | M | MD5 = 7DFB59C3E7CCE339F64358B2D917E880] (Doctor Web, Ltd.)
"StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009.07.21 12:00:28 | 000,061,440 | ---- | M | MD5 = F9E9D44FDB0861536E5BBBC4B63FE224] (Advanced Micro Devices, Inc.)
"WinampAgent" -> C:\Program Files\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2009.07.01 18:37:06 | 000,037,888 | ---- | M | MD5 = 64A87C2EFBAF1E03500C73E43E6B505A] ()
< Run [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DAEMON Tools Lite" -> C:\Program Files\DAEMON Tools Lite\DTLite.exe ["C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009.10.30 13:57:08 | 000,369,200 | ---- | M | MD5 = 435F79D364B796A4EA0B5CAF24CA78BD] (DT Soft Ltd)
< Software Policy Settings [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2010.02.20 01:47:50 | 003,604,480 | ---- | M | MD5 = D909DFE8CA0FA8E505B7C6B4621AF745] (Google Inc.)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2010.02.20 01:47:50 | 003,604,480 | ---- | M | MD5 = D909DFE8CA0FA8E505B7C6B4621AF745] (Google Inc.)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2010.02.20 01:47:50 | 003,604,480 | ---- | M | MD5 = D909DFE8CA0FA8E505B7C6B4621AF745] (Google Inc.)
Nach Microsoft E&xel exportieren -> C:\Programme\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000] -> [2010.04.24 08:25:04 | 018,352,488 | ---- | M | MD5 = 86075C2A59A89A4A9E7427525513AFD6] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Programme\Microsoft Office\Office12\ONBttnIE.dll [Button: An OneNote senden] -> [2009.02.26 19:45:52 | 000,603,040 | ---- | M | MD5 = 79F7DB36E67B9E8365FA824AD96DF400] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Programme\Microsoft Office\Office12\ONBttnIE.dll [Menu: An OneNote s&enden] -> [2009.02.26 19:45:52 | 000,603,040 | ---- | M | MD5 = 79F7DB36E67B9E8365FA824AD96DF400] (Microsoft Corporation)
{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}:Exec [HKLM] -> C:\Programme\ICQ7.2\ICQ.exe [Button: ICQ7.2] -> [2010.06.23 10:51:23 | 000,133,368 | ---- | M | MD5 = 5C2F10972BECA53D9FBE9F44CD567269] (ICQ, LLC.)
{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}:Exec [HKLM] -> C:\Programme\ICQ7.2\ICQ.exe [Menu: ICQ7.2] -> [2010.06.23 10:51:23 | 000,133,368 | ---- | M | MD5 = 5C2F10972BECA53D9FBE9F44CD567269] (ICQ, LLC.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009.03.06 04:04:56 | 000,039,464 | ---- | M | MD5 = AEF204E782BFA2C8448CB43A58960744] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> hxxp://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} [HKLM] -> hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab [Creative Software AutoUpdate Support Package] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 10.142.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{8CD7E3AA-8308-4B05-8708-D52D0BB8F05F}\\DhcpNameServer -> 10.142.0.1 (NVIDIA nForce-Netzwerkcontroller) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2009.10.31 07:45:39 | 002,614,272 | ---- | M | MD5 = 2626FC9755BE22F805D3CFA0CE3EE727] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009.07.14 03:14:42 | 000,081,920 | ---- | M | MD5 = 1969A81CA0CFAF3DC732C89B38854997] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
pku2u -> C:\Windows\System32\pku2u.dll -> [2009.07.14 03:16:12 | 000,186,880 | ---- | M | MD5 = 37CC990D4E2CDFAE12AC47F6B620FC13] (Microsoft Corporation)
*MultiFile Done* -> ->
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM-Laufwerktreiber ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009.06.10 23:42:20 | 000,000,024 | ---- | M | MD5 = D9EBEC6668A6092FCBD1713C347AA5E0] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Registry - Additional Scans - Safe List]
< ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Programme\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010.04.12 18:35:02 | 000,270,336 | ---- | M | MD5 = 82CD9719A11D9FEF7CA751DA31651158] (Sun Microsystems, Inc.)
{25FFAAD0-F4A3-4164-95FF-4461E9F35D51} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] ->
{3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found
{3C3901C5-3455-3E0A-A214-0B093A5070A6} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] ->
{44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found
{45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found
{4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found
{5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] ->
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found
{7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found
{7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] ->
{89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] ->
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] ->
{9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found
{C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10a.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2008.10.05 05:16:26 | 003,789,728 | R--- | M | MD5 = 466C1355934925768822E380DA6E6E4A] (Adobe Systems, Inc.)
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found
{E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] ->
>{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] ->
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] ->
< ActiveX StubPath [HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\] > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ ->
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
< App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ ->
AcroRd32.exe -> C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010.04.04 07:57:52 | 000,349,616 | ---- | M | MD5 = E99B2E72C53E774C57B305661BE5F569] (Adobe Systems Incorporated)
chrome.exe -> C:\Programme\Google\Chrome\Application\chrome.exe [C:\Program Files\Google\Chrome\Application\chrome.exe] -> [2010.06.02 07:57:48 | 000,945,648 | ---- | M | MD5 = EFDD088607E412C5E100E2E5E353955D] (Google Inc.)
cmaple13.exe -> C:\Programme\Maple 13\bin.win\cmaple.exe [C:\Program Files\Maple 13\bin.win\cmaple.exe] -> [2010.02.28 00:20:14 | 000,102,400 | ---- | M | MD5 = 7DF6314F16D9BA4285238CAA8AF9D906] ()
cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
combofix.exe -> C:\Users\Klaus\Desktop\Combo-Fix.exe [C:\Users\Klaus\Desktop\Combo-Fix.exe] -> [2010.06.30 11:23:02 | 003,724,003 | R--- | M | MD5 = 00763D8953E86AE9BF785D2794CFC77F] ()
CTAESvc.dll -> C:\Programme\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\AudELSvc\CTAESvc.dll [C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\AudELSvc\CTAESvc.dll] -> [2008.04.21 18:12:22 | 000,293,888 | ---- | M | MD5 = 0564AE9DB90FC8E7EDA1A5536037A225] (Creative Labs)
CTAudCS.exe -> C:\Programme\Creative\AudioCS\CTAudCS.exe [C:\Program Files\Creative\AudioCS\CTAudCS.exe] -> [2008.10.29 18:31:24 | 000,282,624 | ---- | M | MD5 = 30F46968501652B81F0D9BB592F76122] (Creative Technology Ltd)
Ctcadi.dll -> C:\Programme\Creative\ShareDLL\CADI\ctcadi.dll [C:\Program Files\Creative\ShareDLL\CADI\Ctcadi.dll] -> [2008.05.02 18:37:28 | 000,163,840 | ---- | M | MD5 = FEE5D2D10CBBC25B4A01FD2D5FDC85DE] (Creative Technology Ltd)
CTPPage.dll -> C:\Programme\Creative\SBControl\CTPPage.dll [C:\Program Files\Creative\SBControl\CTPPage.dll] -> [2009.01.04 10:30:16 | 000,237,568 | ---- | M | MD5 = 36C19B86ED974C793E0BB60E7343249C] (Creative Technology Ltd)
DrWeb32W.Exe -> C:\Programme\DrWeb\drweb32w.exe [C:\Program Files\DrWeb\DrWeb32W.Exe] -> [2010.05.14 17:35:42 | 001,973,000 | ---- | M | MD5 = C55CA4489ED568B1EAF90E430F52D1BB] (Doctor Web, Ltd.)
dvdmaker.exe -> C:\Programme\DVD Maker\DVDMaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009.07.14 03:14:19 | 001,971,200 | ---- | M | MD5 = 5A8EBF167F36A7C0D6E9BDD027D55EEB] (Microsoft Corporation)
excel.exe -> C:\Programme\Microsoft Office\Office12\EXCEL.EXE [C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE] -> [2010.04.24 08:25:04 | 018,352,488 | ---- | M | MD5 = 86075C2A59A89A4A9E7427525513AFD6] (Microsoft Corporation)
firefox.exe -> C:\Programme\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe] -> [2010.06.28 01:26:58 | 000,910,296 | ---- | M | MD5 = 8FC4306F0FFAA592BBA29F9273293D22] (Mozilla Corporation)
GROOVE.EXE -> C:\Programme\Microsoft Office\Office12\GROOVE.EXE [C:\PROGRA~1\MICROS~1\Office12\GROOVE.EXE] -> [2009.02.14 06:03:18 | 000,337,264 | ---- | M | MD5 = 47B90FCFE1B89BCEE4458BAD3C1C5C63] (Microsoft Corporation)
HpqApKil.exe -> C:\Programme\HP\Digital Imaging\bin\HpqApKil.exe [C:\Program Files\HP\Digital Imaging\bin\HpqApKil.exe] -> [2007.12.10 10:47:26 | 000,017,408 | ---- | M | MD5 = 525263D2AFE2FA704583CE76AF1E6701] (Hewlett-Packard)
hpqqpawp.exe -> C:\Programme\HP\Digital Imaging\bin\hpqqpawp.exe [C:\Program Files\HP\Digital Imaging\Bin\hpqqpawp.exe] -> [2007.09.13 15:38:46 | 000,348,160 | ---- | M | MD5 = 0D42D4E3CD839E906603FC9513E527C2] (Hewlett-Packard Development Co. L.P.)
hpqSSupply.exe -> C:\Programme\HP\HPSSUPPLY\hpqSSupply.exe [C:\Program Files\HP\HPSSUPPLY\hpqSSupply.exe] -> [2009.05.21 21:46:56 | 000,428,032 | ---- | M | MD5 = A3D9F17E378D66AAF010A0BBAA983D84] (Hewlett-Packard Development Company L.P.)
HpqTrMgr.exe -> C:\Programme\HP\Digital Imaging\bin\HpqTrMgr.exe [C:\Program Files\HP\Digital Imaging\bin\HpqTrMgr.exe] -> [2007.09.13 15:38:48 | 000,163,840 | ---- | M | MD5 = 1C49F10469088801DE3D59E019D70E89] (Hewlett-Packard)
ICQ.exe -> C:\Programme\ICQ7.2\ICQ.exe [C:\Program Files\ICQ7.2\ICQ.exe] -> [2010.06.23 10:51:23 | 000,133,368 | ---- | M | MD5 = 5C2F10972BECA53D9FBE9F44CD567269] (ICQ, LLC.)
IEXPLORE.EXE -> C:\Programme\Internet Explorer\iexplore.exe [C:\Program Files\Internet Explorer\IEXPLORE.EXE] -> [2009.07.14 03:17:29 | 000,673,048 | ---- | M | MD5 = 2C32E3E596CFE660353753EABEFB0540] (Microsoft Corporation)
infopath.exe -> C:\Programme\Microsoft Office\Office12\INFOPATH.EXE [C:\PROGRA~1\MICROS~1\Office12\INFOPATH.EXE] -> [2010.02.04 04:18:10 | 001,459,576 | ---- | M | MD5 = 7194349716B920FAD45F8524214452FF] (Microsoft Corporation)
install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
iTunes.exe -> C:\Programme\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe] -> [2010.04.28 15:06:24 | 010,358,568 | ---- | M | MD5 = EE4C97A0769AF343E27C5788A01E63F9] (Apple Inc.)
javaws.exe -> C:\Programme\Java\jre6\bin\javaws.exe [C:\Program Files\Java\jre6\bin\javaws.exe] -> [2010.04.12 17:29:27 | 000,153,376 | ---- | M | MD5 = 9D452D6B1ED99F88C327349A644EB3A2] (Sun Microsystems, Inc.)
Journal.exe -> C:\Programme\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009.07.14 03:14:22 | 001,785,344 | ---- | M | MD5 = BFF56F5DD5675C921D0E7E66BBD6DF93] (Microsoft Corporation)
MapletViewer13.exe -> C:\Programme\Maple 13\bin.win\mapletviewer.exe [C:\Program Files\Maple 13\bin.win\MapletViewer.exe] -> [2010.02.28 00:20:14 | 000,106,496 | ---- | M | MD5 = 1001FA2857879C28371603B917BD2007] ()
maplew13.exe -> C:\Programme\Maple 13\bin.win\maplew.exe [C:\Program Files\Maple 13\bin.win\maplew.exe] -> [2010.02.28 00:20:14 | 000,061,440 | ---- | M | MD5 = 6675E7B76D770AB672F37BDE1246D65F] (Maplesoft)
mbam.exe -> C:\Programme\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] -> [2010.04.29 12:19:18 | 001,090,952 | ---- | M | MD5 = 47EA3CF0F509480554A058C6D7641ED0] (Malwarebytes Corporation)
migwiz.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
mint13.exe -> C:\Programme\Maple 13\bin.win\mint.exe [C:\Program Files\Maple 13\bin.win\mint.exe] -> [2010.02.28 00:20:15 | 000,245,760 | ---- | M | MD5 = 97E5042BC49A7DDF84DF0595AA9569D8] ()
mip.exe -> C:\Programme\Common Files\microsoft shared\ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009.07.14 03:14:24 | 001,221,632 | ---- | M | MD5 = 98EE585737E8EFA903A26E71ADFB1FA0] (Microsoft Corporation)
mplayer2.exe -> C:\Programme\Windows Media Player\wmplayer.exe [%ProgramFiles%\Windows Media Player\wmplayer.exe] -> [2009.08.29 08:56:10 | 000,164,864 | ---- | M | MD5 = 58F2330B4EFD5D0AFB3916059ADED428] (Microsoft Corporation)
MSACCESS.EXE -> C:\Programme\Microsoft Office\Office12\MSACCESS.EXE [C:\PROGRA~1\MICROS~1\Office12\MSACCESS.EXE] -> [2009.03.06 02:37:52 | 010,222,432 | ---- | M | MD5 = F8B686F12ECA4157553C26301A77CF26] (Microsoft Corporation)
MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
msoxmled.exe -> C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006.10.26 21:41:50 | 000,059,152 | ---- | M | MD5 = D62AF8D56065619E3189563099185C45] (Microsoft Corporation)
MSPUB.EXE -> C:\Programme\Microsoft Office\Office12\MSPUB.EXE [C:\PROGRA~1\MICROS~1\Office12\MSPUB.EXE] -> [2010.04.24 08:16:32 | 009,589,104 | ---- | M | MD5 = 51CDBA1881815588CA53AF862D660622] (Microsoft Corporation)
ois.exe -> C:\Programme\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~1\MICROS~1\Office12\OIS.EXE] -> [2008.11.04 01:24:48 | 000,274,808 | ---- | M | MD5 = 35550A6C24528FA2D949D7C52350F7FF] (Microsoft Corporation)
OneNote.exe -> C:\Programme\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE] -> [2009.02.26 15:24:50 | 001,001,840 | ---- | M | MD5 = 96F0A88B100A4E2914F1272E35714128] (Microsoft Corporation)
Origin80.Exe -> C:\Program Files\OriginLab\Origin8\Origin80.Exe [C:\Program Files\OriginLab\Origin8\Origin80.Exe] -> File not found
OUTLOOK.EXE -> C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE [C:\PROGRA~1\MICROS~1\Office12\OUTLOOK.EXE] -> [2009.08.17 22:54:54 | 012,957,536 | ---- | M | MD5 = A4C6626DD0833249DFC8224014965E07] (Microsoft Corporation)
pbrush.exe -> C:\Windows\System32\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009.07.14 03:14:26 | 006,376,960 | ---- | M | MD5 = E97295DE2A9FDE547FEAB4FE41DF16CA] (Microsoft Corporation)
PhotoshopElementsEditor.exe -> C:\Programme\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe [C:\Program Files\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe] -> [2009.10.09 08:19:18 | 043,230,560 | ---- | M | MD5 = 3978D0E45CDC05A30064E1C22C292C7F] (Adobe Systems Incorporated)
PictureViewer.exe -> C:\Programme\QuickTime\PictureViewer.exe [C:\Program Files\QuickTime\PictureViewer.exe] -> [2010.03.17 21:53:32 | 000,557,056 | ---- | M | MD5 = DB95D4C263A3264C5CCA90D2FA505824] (Apple Inc.)
powerpnt.exe -> C:\Programme\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~1\MICROS~1\Office12\POWERPNT.EXE] -> [2009.02.26 13:06:28 | 000,521,080 | ---- | M | MD5 = B0D00A88DC8DBC1FBD6A6BAC0E1E5D56] (Microsoft Corporation)
PowerShell.exe -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009.07.14 03:14:24 | 000,452,608 | ---- | M | MD5 = 92F44E405DB16AC55D97E3BFE3B132FA] (Microsoft Corporation)
QuickTimePlayer.exe -> C:\Programme\QuickTime\QuickTimePlayer.exe [C:\Program Files\QuickTime\QuickTimePlayer.exe] -> [2010.03.17 23:28:24 | 001,230,128 | ---- | M | MD5 = 3D75D51FEC3B470B0696CED91EBBC4BC] (Apple Inc.)
Safari.exe -> C:\Programme\Safari\Safari.exe [C:\Program Files\Safari\Safari.exe] -> [2010.03.04 03:33:50 | 001,795,880 | ---- | M | MD5 = 213A8EE745B1AF2A74C3A1573635AB0A] (Apple Inc.)
sbase.exe -> C:\Programme\OpenOffice.org 3\program\sbase.exe [C:\Program Files\OpenOffice.org 3\program\sbase.exe] -> [2009.08.18 17:26:10 | 000,304,128 | ---- | M | MD5 = 74933D9D314ED33342C88297AF6E2554] ()
scalc.exe -> C:\Programme\OpenOffice.org 3\program\scalc.exe [C:\Program Files\OpenOffice.org 3\program\scalc.exe] -> [2009.08.18 17:25:24 | 000,304,128 | ---- | M | MD5 = 6C17E85D0FF5B2B89587650AA4991B94] ()
sdraw.exe -> C:\Programme\OpenOffice.org 3\program\sdraw.exe [C:\Program Files\OpenOffice.org 3\program\sdraw.exe] -> [2009.08.18 17:25:36 | 000,304,128 | ---- | M | MD5 = F595765C13743B866455F15F3552D529] ()
setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
simpress.exe -> C:\Programme\OpenOffice.org 3\program\simpress.exe [C:\Program Files\OpenOffice.org 3\program\simpress.exe] -> [2009.08.18 17:25:44 | 000,304,128 | ---- | M | MD5 = 2A29BCC2AAB249D2ADBF7DCEFFC8D8EB] ()
smath.exe -> C:\Programme\OpenOffice.org 3\program\smath.exe [C:\Program Files\OpenOffice.org 3\program\smath.exe] -> [2009.08.18 17:25:54 | 000,304,128 | ---- | M | MD5 = C200484E89795A405D4738A04E52828F] ()
SnippingTool.exe -> C:\Windows\System32\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009.07.14 03:14:39 | 000,396,288 | ---- | M | MD5 = 32BE4A1FAFCCD5CA9AB0CE772C43D5E2] (Microsoft Corporation)
soffice.exe -> C:\Programme\OpenOffice.org 3\program\soffice.exe [C:\Program Files\OpenOffice.org 3\program\soffice.exe] -> [2009.08.19 10:52:28 | 007,424,000 | ---- | M | MD5 = 83170B8E03213093B065A9638E146499] (OpenOffice.org)
swriter.exe -> C:\Programme\OpenOffice.org 3\program\swriter.exe [C:\Program Files\OpenOffice.org 3\program\swriter.exe] -> [2009.08.18 17:25:16 | 000,304,128 | ---- | M | MD5 = AD7E6B7FCB50D40A0C0141D6DBCEB8D6] ()
table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
TabTip.exe -> C:\Programme\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009.07.14 03:14:42 | 000,181,760 | ---- | M | MD5 = 21E01FD4147EA1B952E4CD9928B879B8] (Microsoft Corporation)
unopkg.exe -> C:\Programme\OpenOffice.org 3\program\unopkg.exe [C:\Program Files\OpenOffice.org 3\program\unopkg.exe] -> [2009.08.18 17:23:08 | 000,010,752 | ---- | M | MD5 = 735167EDEEB123A3C1B483C02080475C] ()
wab.exe -> C:\Programme\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009.07.14 03:14:44 | 000,516,096 | ---- | M | MD5 = 8665275D0AB685C4DD4E45E622DE9989] (Microsoft Corporation)
wabmig.exe -> C:\Programme\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009.07.14 03:14:44 | 000,065,536 | ---- | M | MD5 = 53A5EAFAAB88D5DBB24E6EEB5D9E0E12] (Microsoft Corporation)
winamp.exe -> C:\Programme\Winamp\winamp.exe [C:\Program Files\Winamp\winamp.exe] -> [2009.07.01 18:38:40 | 001,481,056 | ---- | M | MD5 = E2430E58B19E599AE7A29A1B38509EB9] (Nullsoft)
WinRAR.exe -> C:\Programme\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2009.08.16 18:04:42 | 001,037,312 | ---- | M | MD5 = B6A214BACD0C5BE45C4D093032DD884B] ()
Winword.exe -> C:\Programme\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~1\MICROS~1\Office12\WINWORD.EXE] -> [2010.04.09 19:05:06 | 000,408,936 | ---- | M | MD5 = 37572BA12DD6E76184651EC034152341] (Microsoft Corporation)
wmplayer.exe -> C:\Programme\Windows Media Player\wmplayer.exe [%ProgramFiles%\Windows Media Player\wmplayer.exe] -> [2009.08.29 08:56:10 | 000,164,864 | ---- | M | MD5 = 58F2330B4EFD5D0AFB3916059ADED428] (Microsoft Corporation)
WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009.07.14 03:14:49 | 004,243,968 | ---- | M | MD5 = E745BC62FE98CE4DA12D7B18F5DDBA3F] (Microsoft Corporation)
WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009.07.14 03:14:49 | 004,243,968 | ---- | M | MD5 = E745BC62FE98CE4DA12D7B18F5DDBA3F] (Microsoft Corporation)
Zattoo.exe -> C:\Programme\Zattoo\Zattoo.exe [C:\Program Files\Zattoo\Zattoo.exe] -> [2009.04.21 23:06:16 | 005,713,920 | ---- | M | MD5 = 2E7567B2ECC4EB21DB8841A1569E4B66] ()
Zattoo4.exe -> C:\Program Files\Zattoo4\Zattoo4.exe [C:\Program Files\Zattoo4\Zattoo4.exe] -> File not found
< Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved ->
"{00020D75-0000-0000-C000-000000000046}" [HKLM] -> C:\Programme\Microsoft Office\Office12\MLSHEXT.DLL [Microsoft Office Outlook Desktop Icon Handler] -> [2009.02.26 12:09:28 | 000,020,352 | ---- | M | MD5 = 44362D363C21BBAABCA8CB42D14B05E2] (Microsoft Corporation)
"{0006F045-0000-0000-C000-000000000046}" [HKLM] -> C:\Programme\Microsoft Office\Office12\OLKFSTUB.DLL [Microsoft Office Outlook Custom Icon Handler] -> [2009.03.11 18:01:24 | 000,253,808 | ---- | M | MD5 = FF2AE2DF0204A8208E26D166E4527CE0] (Microsoft Corporation)
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" [HKLM] -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Infotip Handler] -> [2009.07.02 16:06:40 | 000,373,248 | ---- | M | MD5 = 3EF2A4BD267AC889CF90D0EC80CC9A11] (Sun Microsystems, Inc.)
"{16F3DD56-1AF5-4347-846D-7C10C4192619}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 3 (GFS Folder)] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Explorer Bar] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{387E725D-DC16-4D76-B310-2C93ED4752A0}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove XML Icon Handler] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" [HKLM] -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Thumbnail Viewer] -> [2009.07.02 16:06:40 | 000,373,248 | ---- | M | MD5 = 3EF2A4BD267AC889CF90D0EC80CC9A11] (Sun Microsystems, Inc.)
"{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\Programme\Microsoft Office\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008.10.25 06:18:56 | 000,061,816 | ---- | M | MD5 = 269552E0E5BD5BFE0DA7AD42FAC34C37] (Microsoft Corporation)
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" [HKLM] -> C:\Programme\Avira\AntiVir Desktop\shlext.dll [Shell Extension for Malware scanning] -> [2009.05.11 11:33:01 | 000,286,977 | ---- | M | MD5 = 318B0D2CF5470F724B217498553D36E6] (Avira GmbH)
"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" [HKLM] -> C:\Programme\Microsoft Office\Office12\ONFILTER.DLL [Microsoft Office OneNote Namespace Extension for Windows Desktop Search] -> [2009.02.26 15:24:50 | 000,071,536 | ---- | M | MD5 = A1CD5CE96F0A5426DB9A2F793854D1B8] (Microsoft Corporation)
"{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Catalyst Context Menu extension] -> [2009.07.21 12:01:52 | 000,704,512 | ---- | M | MD5 = 0E74B0DBCCC39F207B573C2E14A3ADF6] (Advanced Micro Devices, Inc.)
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" [HKLM] -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Property Sheet Handler] -> [2009.07.02 16:06:40 | 000,373,248 | ---- | M | MD5 = 3EF2A4BD267AC889CF90D0EC80CC9A11] (Sun Microsystems, Inc.)
"{6C467336-8281-4E60-8204-430CED96822D}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Context Menu Handler] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\System32\mf.dll [MF ADTS Property Handler] -> [2009.07.14 03:15:38 | 003,177,984 | ---- | M | MD5 = 80EFBCAFBD26956B69EE9CEFC93423B0] (Microsoft Corporation)
"{920E6DB1-9907-4370-B3A0-BAFC03D81399}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> C:\Programme\PowerISO\PWRISOSH.DLL [PowerISO] -> [2010.04.23 02:56:08 | 000,163,840 | ---- | M | MD5 = 6690A2E8F40597439749E2046BE68A5B] (PowerISO Computing, Inc.)
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\Programme\Common Files\microsoft shared\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008.11.21 00:02:30 | 000,988,040 | ---- | M | MD5 = DCF42695E315D14286CD06251B5EB88D] (Microsoft Corporation)
"{99FD978C-D287-4F50-827F-B2C658EDA8E7}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{A449600E-1DC6-4232-B948-9BD794D62056}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Icon Handler] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2 (GFS Stub)] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Programme\WinRAR\RarExt.dll [WinRAR shell extension] -> [2009.08.16 18:06:02 | 000,141,312 | ---- | M | MD5 = A070B8C38CEB3A30CC18D1B7C433144C] ()
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009.02.12 15:19:32 | 002,217,848 | ---- | M | MD5 = A6B5A41C0ED007AB6C43CAD899E533D8] (Microsoft Corporation)
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Programme\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010.04.28 15:06:30 | 000,124,200 | ---- | M | MD5 = D4CC4AE21D087D24F3B34C9AF6658C15] (Apple Inc.)
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\Programme\Common Files\microsoft shared\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008.11.21 00:02:30 | 000,988,040 | ---- | M | MD5 = DCF42695E315D14286CD06251B5EB88D] (Microsoft Corporation)
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" [HKLM] -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Column Handler] -> [2009.07.02 16:06:40 | 000,373,248 | ---- | M | MD5 = 3EF2A4BD267AC889CF90D0EC80CC9A11] (Sun Microsystems, Inc.)
"{E7593602-124B-47C9-9F73-A69308EDC973}" [HKLM] -> C:\Programme\DrWeb\drwsxtn.dll [Shell Extension for DrWeb] -> [2010.02.27 12:46:00 | 000,087,592 | ---- | M | MD5 = 6D0278599D1344A1ECB19BE5BCA4AF3E] (Doctor Web, Ltd.)
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.cpl [@ = cplfile] -> C:\Windows\System32\control.exe -> [2009.07.14 03:14:15 | 000,113,152 | ---- | M | MD5 = 9130377F87A2153FEAB900A00EA1EBFF] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2009.07.14 03:14:45 | 000,009,728 | ---- | M | MD5 = 1D420D66250BCAAAED05724FB34008CF] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-1654013148-911664163-2520165974-1001\SOFTWARE\Classes\<extension>\ ->
.html [@ = FirefoxHTML] -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010.06.28 01:26:58 | 000,910,296 | ---- | M | MD5 = 8FC4306F0FFAA592BBA29F9273293D22] (Mozilla Corporation)
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008.10.25 09:27:54 | 000,044,408 | ---- | M | MD5 = 40F9FC39CCF5445F3075083380BD5421] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} [HKLM] -> C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll[Local Groove Web Services Protocol] -> [2009.02.12 15:19:38 | 000,178,040 | ---- | M | MD5 = 68747446F9D982938DB6B110F2908271] (Microsoft Corporation)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Programme\Common Files\microsoft shared\Help\hxds.dll[HxProtocol Class] -> [2006.10.26 13:45:02 | 000,873,216 | ---- | M | MD5 = 9E7370CC3D6A43942433F85D0E2BBDD8] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Programme\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2009.10.09 14:11:14 | 001,959,208 | R--- | M | MD5 = 1E79B48BC50B99FDC0066860BCEFBC23] (Skype Technologies)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Programme\Bonjour\mdnsNSP.dll -> [2010.04.08 13:20:00 | 000,152,864 | ---- | M | MD5 = E8C25149A59899D4E06DCEC7C6926103] (Apple Inc.)
Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000003 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000004 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000005 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
Protocol_Catalog9\Catalog_Entries\000000000030 -> C:\Program Files\DrWeb\drwebsp.dll -> [2010.06.07 15:38:50 | 000,136,944 | ---- | M | MD5 = E8E50EFEDD17D055E81A087CBD7A302A] (Doctor Web, Ltd.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
{048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam
{06A1D88C-E102-4527-AF70-29FFD7AF215A} -> Scan
{0AFC55D4-9CDF-B140-2E4F-0B818B9B8C0E} -> CCC Help Italian
{0DE39AB6-D1BF-535C-F342-2F9986801936} -> CCC Help Japanese
{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC} -> Status
{104066F4-5897-4067-85D3-4C88B67CCF75} -> AIO_Scan
{13F3917B56CD4C25848BDC69916971BB} -> DivX Converter
{175F0111-2968-4935-8F70-33108C6A4DE3} -> MarketResearch
{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8} -> Adobe Photoshop Elements 8.0
{18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate
{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD} -> Opera 10.53
{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03} -> MobileMe Control Panel
{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0} -> TrayApp
{226EA3C9-0EAF-9546-46C4-F2FF55F7A6F1} -> CCC Help Dutch
{22980C46-EBB6-C22C-016A-E0CFAC15118B} -> CCC Help Czech
{250755EE-312C-3B38-1BAF-501A71A3851D} -> CCC Help Turkish
{26A24AE4-039D-4CA4-87B4-2F83216017FF} -> Java(TM) 6 Update 20
{283FFB23-8751-4B08-ACB8-5E0F8BCF7727} -> Pro Evolution Soccer 2010
{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime
{29C7B52B-F7C6-4033-93EF-DE4A59AB076C} -> Dr.Web anti-virus for Windows Pro 6.0 (x86)
{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C} -> BufferChm
{2FF8C687-DB7D-4adc-A5DC-57983EC25046} -> DeviceDiscovery
{30D71FC9-E909-330C-57F9-C649C8837AA5} -> CCC Help Greek
{3154CFC9-2E4F-B839-2944-2A27200B4D64} -> CCC Help Swedish
{361D8754-326D-B7CC-8DC7-95966DD01ED4} -> Catalyst Control Center Graphics Previews Common
{36E89A40-DD04-239B-A69E-532A27547089} -> CCC Help English
{37EC24B2-2E75-0AEB-F8A1-12A0C7EB5EED} -> Catalyst Control Center InstallProxy
{37FD8D84-7B88-6B5A-376A-34E2B7C28816} -> ccc-core-static
{3C3901C5-3455-3E0A-A214-0B093A5070A6} -> Microsoft .NET Framework 4 Client Profile
{3C92B2E6-380D-4fef-B4DF-4A3B4B669771} -> Copy
{3E73E80C-2C31-3CCB-735F-D611C3230893} -> ccc-utility
{3FC7CBBC4C1E11DCA1A752EA55D89593} -> DivX Version Checker
{43CDF946-F5D9-4292-B006-BA0D92013021} -> WebReg
{440B915A-0C85-45DB-92AE-75AE14704A64} -> Fax
{4807FDA4-7AF3-66CA-C167-779A333D6FFC} -> Catalyst Control Center Localization All
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4} -> SolutionCenter
{4BE5D0D1-468A-4438-8477-D8523EEFB3E6} -> Origin8
{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35} -> UnloadSupport
{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} -> Skype web features
{553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
{5A154586-7AEB-4305-3B12-D73F0886B839} -> Catalyst Control Center HydraVision Full
{5DF79887-598B-DE65-9755-4B7D8C3D87BE} -> CCC Help Chinese Standard
{5ECB3A3C-980B-4D12-9724-25DCB07A1F47} -> iTunes
{5EE7D259-D137-4438-9A5F-42F432EC0421} -> VC80CRTRedist - 8.0.50727.4053
{61A0F92B-89A0-F7AD-4CA2-97991862EB10} -> CCC Help Hungarian
{63FF21C9-A810-464F-B60A-3111747B1A6D} -> GPBaseService2
{687E8557-CBF3-A7FF-33EC-00BE6266BFAA} -> CCC Help Russian
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{6A44A28A-5D79-8100-7BDF-FB637E62715B} -> CCC Help Polish
{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91} -> HPSSupply
{6BBA26E9-AB03-4FE7-831A-3535584CA002} -> Toolbox
{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} -> ICQ7.2
{72FA4B28-3A99-1533-0E7C-94E6D20CD1A8} -> CCC Help Chinese Traditional
{73182AC3-5CC3-4161-AE97-F23E09B13147} -> Vallen JPegger
{75247E38-5C9B-45D6-ADF8-E11CB56B4990} -> Network
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec
{7CA26B08-BEFD-D4D2-52E1-24E730284594} -> Catalyst Control Center Graphics Light
{818ABC3C-635C-4651-8183-D0E9640B7DD1} -> HP Update
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{8A253629-0511-4854-8B4E-46E57E66005C} -> Bonjour
{8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player
{8E5CDC9B-CB0A-6E78-5BBE-C3D3F67B50E3} -> CCC Help Norwegian
{90120000-0015-0407-0000-0000000FF1CE} -> Microsoft Office Access MUI (German) 2007
{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0407-0000-0000000FF1CE} -> Microsoft Office Excel MUI (German) 2007
{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0407-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (German) 2007
{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-0407-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (German) 2007
{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-0407-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (German) 2007
{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0407-0000-0000000FF1CE} -> Microsoft Office Word MUI (German) 2007
{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0410-0000-0000000FF1CE} -> Microsoft Office Proof (Italian) 2007
{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-002C-0407-0000-0000000FF1CE} -> Microsoft Office Proofing (German) 2007
{90120000-0030-0000-0000-0000000FF1CE} -> Microsoft Office Enterprise 2007
{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{90120000-0044-0407-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (German) 2007
{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0407-0000-0000000FF1CE} -> Microsoft Office Shared MUI (German) 2007
{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00A1-0407-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (German) 2007
{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00BA-0407-0000-0000000FF1CE} -> Microsoft Office Groove MUI (German) 2007
{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D} -> 32 Bit HP CIO Components Installer
{96A8FABC-AADB-F299-0826-AF2246CE012F} -> CCC Help Danish
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9B0A8A6F-FC9E-796F-CC5D-290161F8E92A} -> ATI Catalyst Install Manager
{9B362566-EC1B-4700-BB9C-EC661BDE2175} -> DocProc
{9D98630B-BD50-3C44-58D2-1571AEA889D3} -> CCC Help Portuguese
{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A} -> Apple Mobile Device Support
{9E4EFA2A-4344-4C56-F927-7F7C53845BE2} -> CCC Help German
{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB} -> AIO_CDB_Software
{A37CA3F0-B0C6-8256-02BA-B06CEE1E5BEB} -> CCC Help Korean
{A67BB21E-D419-45BB-AB86-7D87D14BBCE2} -> Safari
{A724AEC6-494E-6BD5-C12A-9F51AF6C1123} -> Skins
{A912021A-FEDD-4DA3-8DB4-245EBDA84778} -> OriginPro 8G
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{A96E97134CA649888820BCDE5E300BBD} -> H.264 Decoder
{AAC389499AEF40428987B3D30CFC76C9} -> MKV Splitter
{AC76BA86-7AD7-1031-7B44-A93000000001} -> Adobe Reader 9.3.2 - Deutsch
{AC814121-74BA-A025-358E-B706354ED7F5} -> Catalyst Control Center Graphics Full New
{AEF9DC35ADDF4825B049ACBFD1C6EB37} -> AAC Decoder
{B13A7C41581B411290FBC0395694E2A9} -> DivX Converter
{B61ED343-0B14-4241-999C-490CB1A20DA4} -> HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player
{BD7204BA-DD64-499E-9B55-6A282CDF4FA4} -> Destinations
{C43326F5-F135-4551-8270-7F7ABA0462E1} -> HPProductAssistant
{CAE4213F-F797-439D-BD9E-79B71D115BE3} -> HPPhotoGadget
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CC2B3907-3DEA-6E0E-E5A5-C6FCF876ECD5} -> CCC Help French
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.1
{D1F9CD55-A15A-846F-B2B1-D73F37C65B3E} -> CCC Help Spanish
{D6FBA785-DF2D-48C5-B238-40ABBD8EB780} -> Langenscheidt Vokabeltrainer 4.0 Englisch
{D765F1CE-5AE5-4C47-B134-AE58AC474740} -> OpenOffice.org 3.1
{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5} -> Catalyst Control Center - Branding
{DEAC1EEB-48FD-36A6-B87B-58E365C92EFB} -> Catalyst Control Center Graphics Previews Vista
{E07B7A31-E160-466D-A003-3BB7B8989D52} -> Full Tilt Poker.Net
{E7112940-5F8E-4918-B9FE-251F2F8DC81F} -> AIO_CDB_ProductContext
{E9E871B9-4E1D-38D7-7ECF-4DFD3708CC67} -> Catalyst Control Center Core Implementation
{EF7F8782-0E8D-A566-195F-8FF2360CA6C8} -> CCC Help Thai
{F15DDD54-CA1A-6764-2CF4-1C601725E96C} -> Catalyst Control Center Graphics Full Existing
{F570A3D8-BC0D-408E-BBE3-57E6DEEE5AAA} -> ROOT
{F9A4662C-775D-32CF-4B6B-DEC701FDD516} -> CCC Help Finnish