Quote:
Sorry, stressful day today
Hey, you certainly don't need to justify yourself! I think it's great that you take so much time and go through these mile-long scans :applaus:
As for p2p: I have uninstalled eMule, though I hadn't used it for years anyway. But I will definitely continue to need µtorrent.
Java is now up to date.
By the way, can I re-enable Daemon Tools (via the Defogger)?
OTSFix: Quote:
All Processes Killed
[Registry - Safe List]
HOSTS file reset successfully!
[Files/Folders - Modified Within 30 Days]
C:\WINDOWS\lsrslt.ini moved successfully.
[Custom Scans]
File/Folder not found.
[Empty Temp Folders]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Simon
->Temp folder emptied: 416 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 11321 bytes
->FireFox cache emptied: 17813064 bytes
->Flash cache emptied: 1120 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 17,00 mb
< End of fix log >
OTS by OldTimer - Version 3.1.34.0 fix logfile created on 07222010_191903
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
JavaRa: Quote:
JavaRa 1.15 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Thu Jul 22 19:30:23 2010
Found and removed: C:\Windows\System32\jpicpl32.cpl
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
------------------------------------
Finished reporting.
mbam: Quote:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4338
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22.07.2010 19:53:19
mbam-log-2010-07-22 (19-53-19).txt
Scan type: Quick scan
Objects scanned: 135706
Time elapsed: 4 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7b6a2552-e65b-4a9e-add4-c45577ffd8fd} (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adgj.aghlp (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adgj.aghlp.1 (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Dokumente und Einstellungen\Simon\Startmenü\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
ESET: Quote:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=79d0ce762aaa344d845b49db9e8ca0a5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-22 07:16:40
# local_time=2010-07-22 09:16:40 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775145 100 93 348113 38915056 338003 0
# compatibility_mode=8192 67108863 100 0 284 284 0 0
# scanned=114720
# found=8
# cleaned=8
# scan_time=4237
C:\Qoobox\Quarantine\[4]-Submit_2010-07-20_22.43.38.zip Win32/Agent.RKL trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Simon\Anwendungsdaten\50E33F74449773EC236437DEBE5623CE\070700Setup.exe.vir a variant of Win32/Kryptik.FOE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\netbt.sys.vir Win32/Olmarik.ZC trojan (cleaned - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\rihitl.sys.vir Win32/Agent.RKL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\_rihitl_.sys.zip Win32/Agent.RKL trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{3655294A-8879-4FE7-9BC4-D0A6FB8EB2C4}\RP1\A0000029.sys Win32/Agent.RKL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\07192010_221719\C_Dokumente und Einstellungen\Simon\Lokale Einstellungen\Anwendungsdaten\xmcevptgg\atprtiotssd.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
*** probably a variant of Win32/TrojanDropper.Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
OTL.txt
OTL Logfile:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 22.07.2010 21:20:54 - Run 3
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Dokumente und Einstellungen\*\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
511,00 Mb Total Physical Memory | 246,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 5,98 Gb Free Space | 30,62% Space Free | Partition Type: NTFS
Drive D: | 11,72 Gb Total Space | 1,46 Gb Free Space | 12,48% Space Free | Partition Type: NTFS
Drive E: | 32,16 Gb Total Space | 9,54 Gb Free Space | 29,66% Space Free | Partition Type: FAT32
Drive F: | 32,31 Gb Total Space | 1,64 Gb Free Space | 5,07% Space Free | Partition Type: FAT32
Drive G: | 259,95 Gb Total Space | 6,04 Gb Free Space | 2,32% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 1,95 Gb Total Space | 0,49 Gb Free Space | 25,13% Space Free | Partition Type: FAT32
Drive J: | 1,89 Gb Total Space | 0,06 Gb Free Space | 3,40% Space Free | Partition Type: FAT
Drive K: | 7,53 Gb Total Space | 5,34 Gb Free Space | 70,97% Space Free | Partition Type: FAT32
Drive L: | 1397,26 Gb Total Space | 1291,00 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
Computer Name: ***
Current User Name: *
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\*\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\*\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (DAUpdaterSvc) -- G:\Spiele\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ATKKeyboardService) -- C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\omboFix\catchme.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys ()
DRV - (EIO) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (asuskbnt) -- C:\WINDOWS\system32\drivers\atkkbnt.sys (ASUSTeK COMPUTER INC.)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\WINDOWS\System32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (SIS163u) -- C:\WINDOWS\system32\drivers\sis163u.sys (SiS Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (WlanUIB) -- C:\WINDOWS\system32\drivers\MA111nd5.sys ( )
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - HKLM\software\mozilla\Mozilla Firefox 1.5.0.12\Extensions\\Components: C:\Programme\Mozilla Firefox\components\ [2010.07.15 21:35:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 1.5.0.12\Extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins\ [2010.07.22 19:42:45 | 000,000,000 | ---D | M]
[2010.07.21 21:15:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*\Anwendungsdaten\Mozilla\Firefox\Profiles\bqepw6mf.default\extensions
[2009.09.20 14:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*\Anwendungsdaten\Mozilla\Firefox\Profiles\bqepw6mf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.22 19:42:46 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.13 19:33:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.07.22 19:42:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009.11.22 21:40:20 | 000,061,038 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\jar50.dll
[2009.11.22 21:40:20 | 000,049,256 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\jsd3250.dll
[2009.11.22 21:40:20 | 000,166,000 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\xpinstal.dll
[2010.07.22 19:42:33 | 000,423,656 | ---- | M] (Oracle) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2006.08.04 20:32:35 | 000,000,680 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-de.png
[2006.08.04 20:32:35 | 000,000,804 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-de.src
[2006.08.04 20:32:35 | 000,000,210 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.gif
[2006.08.04 20:32:35 | 000,001,075 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.src
[2006.08.04 20:32:35 | 000,001,076 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google-de.gif
[2006.08.04 20:32:35 | 000,000,879 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google-de.src
[2006.08.04 20:32:35 | 000,000,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.png
[2006.08.04 20:32:35 | 000,001,157 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.src
[2006.08.04 20:32:35 | 000,000,088 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.gif
[2006.08.04 20:32:35 | 000,001,147 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.src
O1 HOSTS File: ([2010.07.22 19:19:05 | 000,000,050 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Programme\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\*\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\*\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.03 04:21:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.04.17 19:29:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.07.22 20:01:19 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.07.22 19:43:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.07.22 19:42:45 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.22 19:42:45 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010.07.22 19:42:45 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010.07.22 19:42:45 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010.07.22 19:42:45 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010.07.22 19:41:23 | 000,875,296 | ---- | C] (Oracle) -- C:\Dokumente und Einstellungen\*\Desktop\jre-6u21-windows-i586-iftw-rv.exe
[2010.07.22 19:19:03 | 000,000,000 | ---D | C] -- C:\_OTS
[2010.07.20 23:28:40 | 000,641,536 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*\Desktop\OTS.exe
[2010.07.20 22:58:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.07.20 22:53:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.07.20 18:50:46 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\*\UserData
[2010.07.19 22:29:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.07.19 22:26:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.07.19 22:26:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.07.19 22:26:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.07.19 22:26:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.07.19 22:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.07.19 22:26:47 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2010.07.19 22:26:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.07.19 22:17:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.16 22:14:41 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*\Desktop\OTL.exe
[2010.07.16 22:05:28 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\*\Recent
[2010.07.16 22:00:37 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.16 21:58:35 | 003,396,176 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\*\Desktop\ccsetup233.exe
[2010.07.16 21:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.07.16 21:10:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*\Anwendungsdaten\Avira
[2010.07.16 21:03:43 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.07.16 21:03:43 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.07.16 21:03:43 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.07.16 21:03:43 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.07.16 21:03:43 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.07.16 21:03:42 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.07.16 21:03:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2010.07.16 20:48:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*\Anwendungsdaten\Malwarebytes
[2010.07.16 20:12:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.16 20:11:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.16 20:11:58 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.16 20:11:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.07.15 20:49:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*\Lokale Einstellungen\Anwendungsdaten\qgdddmeqv
[2010.07.14 10:03:48 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2006.11.03 23:05:14 | 000,666,624 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\MA111nd5.sys
[2006.08.02 22:43:28 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2006.08.02 22:43:28 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
========== Files - Modified Within 30 Days ==========
[2010.07.22 21:19:01 | 008,388,608 | ---- | M] () -- C:\Dokumente und Einstellungen\*\ntuser.dat
[2010.07.22 20:32:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.22 20:00:43 | 002,672,312 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\esetsmartinstaller_enu.exe
[2010.07.22 19:56:05 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.07.22 19:54:51 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.07.22 19:54:50 | 000,267,361 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.07.22 19:54:47 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.22 19:54:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.22 19:54:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.22 19:53:51 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\*\ntuser.ini
[2010.07.22 19:42:33 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010.07.22 19:42:33 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010.07.22 19:42:33 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010.07.22 19:42:33 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010.07.22 19:42:32 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.22 19:41:20 | 000,875,296 | ---- | M] (Oracle) -- C:\Dokumente und Einstellungen\*\Desktop\jre-6u21-windows-i586-iftw-rv.exe
[2010.07.22 19:19:05 | 000,000,050 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.07.22 11:08:04 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.21 21:54:41 | 000,279,011 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\Baxter State Park Map.pdf
[2010.07.20 23:28:42 | 000,641,536 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*\Desktop\OTS.exe
[2010.07.20 22:58:53 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\t5jdz00b.exe
[2010.07.20 22:50:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.20 22:36:38 | 003,739,568 | R--- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\omboFix.exe
[2010.07.19 22:29:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.07.19 22:11:46 | 000,000,052 | ---- | M] () -- C:\Dokumente und Einstellungen\*\defogger_reenable
[2010.07.19 22:10:11 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\Defogger.exe
[2010.07.18 22:23:31 | 000,019,968 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.18 19:24:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.16 22:14:45 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*\Desktop\OTL.exe
[2010.07.16 22:13:13 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221309.reg
[2010.07.16 22:13:00 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221255.reg
[2010.07.16 22:12:44 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221241.reg
[2010.07.16 22:12:33 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221230.reg
[2010.07.16 22:12:21 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221218.reg
[2010.07.16 22:12:07 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221204.reg
[2010.07.16 22:11:51 | 000,000,498 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221144.reg
[2010.07.16 22:11:24 | 000,001,424 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221118.reg
[2010.07.16 22:10:49 | 000,094,342 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221015.reg
[2010.07.16 22:00:39 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\CCleaner.lnk
[2010.07.16 21:58:40 | 003,396,176 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\*\Desktop\ccsetup233.exe
[2010.07.16 21:35:27 | 000,363,520 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\rkill.com
[2010.07.16 21:03:54 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010.07.16 20:58:13 | 004,315,748 | -H-- | M] () -- C:\Dokumente und Einstellungen\*\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.01 22:41:29 | 000,088,587 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\*2.jpg
[2010.07.01 22:41:16 | 000,104,355 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\*1.jpg
[2010.07.01 22:40:58 | 000,044,679 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\Route.jpg
[2010.07.01 22:40:03 | 000,085,802 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\*1.jpg
[2010.07.01 22:39:48 | 000,100,549 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\*2.jpg
[2010.06.28 21:16:00 | 000,162,434 | ---- | M] () -- C:\Dokumente und Einstellungen\*\Desktop\pdf-preview.png
[2010.06.27 00:11:02 | 001,025,112 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.27 00:11:02 | 000,459,152 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.27 00:11:02 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.27 00:11:02 | 000,084,524 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.27 00:11:02 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.23 14:04:27 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
========== Files Created - No Company Name ==========
[2010.07.22 20:00:42 | 002,672,312 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\esetsmartinstaller_enu.exe
[2010.07.21 21:54:41 | 000,279,011 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\Baxter State Park Map.pdf
[2010.07.20 22:58:55 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\t5jdz00b.exe
[2010.07.20 22:36:27 | 003,739,568 | R--- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\omboFix.exe
[2010.07.19 22:29:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.07.19 22:29:38 | 000,262,448 | ---- | C] () -- C:\cmldr
[2010.07.19 22:26:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.07.19 22:26:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.07.19 22:26:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.07.19 22:26:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.07.19 22:26:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.07.19 22:18:53 | 000,000,000 | R--- | C] () -- C:\Dokumente und Einstellungen\*\Anwendungsdaten\BKCmI.txt
[2010.07.19 22:11:38 | 000,000,052 | ---- | C] () -- C:\Dokumente und Einstellungen\*\defogger_reenable
[2010.07.19 22:10:14 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\Defogger.exe
[2010.07.16 22:13:11 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221309.reg
[2010.07.16 22:12:56 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221255.reg
[2010.07.16 22:12:43 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221241.reg
[2010.07.16 22:12:31 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221230.reg
[2010.07.16 22:12:20 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221218.reg
[2010.07.16 22:12:05 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221204.reg
[2010.07.16 22:11:47 | 000,000,498 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221144.reg
[2010.07.16 22:11:21 | 000,001,424 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221118.reg
[2010.07.16 22:10:23 | 000,094,342 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Eigene Dateien\cc_20100716_221015.reg
[2010.07.16 22:00:39 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\CCleaner.lnk
[2010.07.16 21:35:32 | 000,363,520 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\rkill.com
[2010.07.16 21:03:54 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010.07.01 22:41:29 | 000,088,587 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\*2.jpg
[2010.07.01 22:41:16 | 000,104,355 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\*1.jpg
[2010.07.01 22:40:03 | 000,085,802 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\*1.jpg
[2010.07.01 22:39:47 | 000,100,549 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\*2.jpg
[2010.06.28 21:16:00 | 000,162,434 | ---- | C] () -- C:\Dokumente und Einstellungen\*\Desktop\pdf-preview.png
[2010.06.23 14:04:27 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009.06.26 01:38:16 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.06.26 01:38:16 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.10.25 21:09:53 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.03.14 16:23:57 | 000,000,027 | ---- | C] () -- C:\WINDOWS\sbinet.ini
[2008.03.14 16:23:57 | 000,000,025 | ---- | C] () -- C:\WINDOWS\skat24.ini
[2008.03.14 16:23:09 | 001,201,206 | ---- | C] () -- C:\WINDOWS\System32\KART24GF.DLL
[2008.03.14 16:23:09 | 001,201,206 | ---- | C] () -- C:\WINDOWS\System32\Kart24gd.dll
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.06.27 16:56:12 | 000,001,088 | ---- | C] () -- C:\WINDOWS\UnitConverter.INI
[2007.03.08 02:04:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\psfind.dll
[2006.12.19 16:56:38 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.09.09 20:20:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swunilog.ini
[2006.08.03 04:29:26 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2006.08.03 04:29:25 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006.08.03 04:27:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\gdrv.sys
[2006.08.03 00:18:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.08.03 00:15:27 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.08.02 23:54:46 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006.08.02 22:49:20 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2006.08.02 22:49:20 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2006.08.02 22:49:20 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2006.08.02 22:49:20 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2006.08.02 22:49:20 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2006.08.02 22:49:20 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2006.08.02 22:49:20 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2006.08.02 22:49:20 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2006.08.02 22:49:20 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2006.08.02 22:49:20 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2006.03.09 09:29:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.03.09 09:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.08.07 21:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.03.25 20:02:14 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >
Extras.txt
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 22.07.2010 21:20:54 - Run 3
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Dokumente und Einstellungen\*\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
511,00 Mb Total Physical Memory | 246,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 5,98 Gb Free Space | 30,62% Space Free | Partition Type: NTFS
Drive D: | 11,72 Gb Total Space | 1,46 Gb Free Space | 12,48% Space Free | Partition Type: NTFS
Drive E: | 32,16 Gb Total Space | 9,54 Gb Free Space | 29,66% Space Free | Partition Type: FAT32
Drive F: | 32,31 Gb Total Space | 1,64 Gb Free Space | 5,07% Space Free | Partition Type: FAT32
Drive G: | 259,95 Gb Total Space | 6,04 Gb Free Space | 2,32% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 1,95 Gb Total Space | 0,49 Gb Free Space | 25,13% Space Free | Partition Type: FAT32
Drive J: | 1,89 Gb Total Space | 0,06 Gb Free Space | 3,40% Space Free | Partition Type: FAT
Drive K: | 7,53 Gb Total Space | 5,34 Gb Free Space | 70,97% Space Free | Partition Type: FAT32
Drive L: | 1397,26 Gb Total Space | 1291,00 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
Computer Name: ***
Current User Name: *
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\VLC\vlc.exe" = C:\Programme\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"G:\Spiele\unreal\Binaries\UT3.exe" = G:\Spiele\unreal\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 -- ()
"E:\spiele\Warcraft3\Warcraft III.exe" = E:\spiele\Warcraft3\Warcraft III.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment)
"G:\Spiele\MoM IME\Server\MoMIMEServer.exe" = G:\Spiele\MoM IME\Server\MoMIMEServer.exe:*:Enabled:MoMIMEServer -- ()
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"G:\Spiele\Anno\tools\Anno4Web.exe" = G:\Spiele\Anno\tools\Anno4Web.exe:*:Disabled:Anno4Web -- ()
"G:\Spiele\Dragon Age\bin_ship\daorigins.exe" = G:\Spiele\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"G:\Spiele\Dragon Age\DAOriginsLauncher.exe" = G:\Spiele\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"G:\Spiele\Dragon Age\bin_ship\daupdatersvc.service.exe" = G:\Spiele\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82A9EA04-1BF0-4BD3-B622-3FCD9CE0CA8A}" = Master of Magic - Implode's Multiplayer Edition
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{EF581945-BBE9-11D5-A7FE-50275FC10000}" = Capitalism II
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.42
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"APSys Identifier 1.0" = APSys Identifier 1.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"ESET Online Scanner" = ESET Online Scanner v3
"Google Updater" = Google Updater
"GXTranscoder v2" = GXTranscoder v2
"Hard to be a God_is1" = Hard to be a God
"ImgBurn" = ImgBurn
"InstallShield_{3C3B2C97-0DAB-482F-9C95-6610827210E3}" = ASUS nVIDIA Driver
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (1.5.0.12)" = Mozilla Firefox (1.5.0.12)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 1.9.0
"ST5UNST #1" = Skat24sv
"TQVault_is1" = TQVault 2.11
"UltimateZip 2007_is1" = UltimateZip 2007
"VLC media player" = VideoLAN VLC media player 0.8.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows XP Service Pack" = Windows XP Service Pack 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.07.2010 18:32:05 | Computer Name = *** | Source = Google Update | ID = 20
Description =
Error - 09.07.2010 19:32:05 | Computer Name = *** | Source = Google Update | ID = 20
Description =
Error - 15.07.2010 14:49:41 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 0.8.5.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 16.07.2010 15:38:15 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Die Serververbindung wurde aufgrund eines Fehlers
beendet. .
Error - 16.07.2010 15:38:16 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 18.07.2010 13:32:09 | Computer Name = *** | Source = Google Update | ID = 20
Description =
Error - 18.07.2010 13:37:26 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Die Serververbindung wurde aufgrund eines Fehlers
beendet. .
Error - 18.07.2010 13:37:27 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 18.07.2010 13:51:57 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Die Serververbindung wurde aufgrund eines Fehlers
beendet. .
Error - 18.07.2010 13:51:58 | Computer Name = *** | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
[ System Events ]
Error - 22.07.2010 13:58:32 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 13:58:33 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 13:58:40 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:19:01 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:19:02 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:19:06 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:19:12 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:19:17 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:20:55 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
Error - 22.07.2010 15:21:03 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\D gefunden.
< End of report >