Trojaner-Board


Dendemann 30.08.2010 10:57

Remove Antimalware Doctor, Security Suit virus

Hello,

I have caught a virus and have no idea what to do now. My AntiVir reported that there is a virus or an unwanted program. I then clicked "Delete", but after that 14 more detections came up and the programs Antimalware Doctor and Security Suite opened. As I gathered from the forum, these programs are the viruses, and I don't know how to remove them again. My laptop is now much slower and programs such as Internet Explorer can no longer be opened. What should I do now? Are my files deleted/at risk?

Regards, Dom

Swisstreasure 30.08.2010 11:24

:hallo:

A cleanup can sometimes involve a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If there are problems, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • First read the instructions through completely. If anything is unclear, ask before you begin.
  • Post the logfiles directly in your thread. Do not attach them unless I ask you to, because that makes the analysis harder for me.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Vista and Win7 users
Start all tools with right-click "Run as administrator".

Step 1

Go into Windows safe mode (please be sure to click and read the link!)

While the computer is starting up, press [F8] (on Win XP) until you get a selection menu.
Choose here: Safe Mode with Networking

Step 2

Disable the proxy

IE => Tools => Internet Options => Connections => LAN settings
Remove the check marks at "Use a proxy server for your LAN" and "Bypass proxy server for local addresses"

Firefox => Tools => Options => Advanced => Network => Settings.
There, under Connection Settings => tick No proxy.

Step 3

Run Rkill
  • Download rkill.com to the desktop.
  • Start rkill.com with a double-click and run the program (may take a while)…
  • At the end the black rkill.com window is closed automatically.
  • If your security solution reports that rkill.com is malware, allow rkill.com as an "exception".
  • Please post the logfile.

Step 4

Download Malwarebytes Anti-Malware (approx. 2 MB) from this download mirror:
Malwarebytes
  • Install the program to the default path.
  • Remember to start the program as admin on Vista; otherwise start it with a double-click.
  • Let it update online (Updates tab) if that does not happen automatically (approx. 1 MB).
  • Select "Perform full scan" => Scan.
  • Select all available drives and start the scan.
  • When the scan has finished, click "Show Results".
  • Make sure that all detections are checked and press "Delete".
  • Post the logfile, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Scan Reports".
  • Report how the computer is running now.
Here you will find detailed, illustrated instructions.

Dendemann 30.08.2010 13:22

I tried to shut the computer down, but it stayed stuck for half an hour at "Windows is shutting down", so I switched it off with the "button". On startup I pressed F8, but it no longer shows a picture and restarts every 30 seconds.

Swisstreasure 30.08.2010 13:25

So you can no longer get into safe mode?

If not, then do the following:

Scanning an unbootable system with OTLPE Network

Do these steps on a clean system:
  • Download OTLPENet.exe by OldTimer and save it to your desktop.
    Note: The file is about 120 MB, and with a slow Internet connection it will take a while to download.
  • When the download is finished, double-click the file and answer the question "Do you want to burn the CD?" with Yes.
  • Put a blank CD in your burner.
  • ImgBurn (or your burning program) will extract the archive and burn OTLPE Network to the CD.
  • When the burn process is complete, you will see a dialog box => "Operation successfully completed".
  • You can now close the windows of the burning program.

Now switch to the unbootable system:
  • Restart the unbootable system and boot from the CD you just created.
    Note: If you don't know how to get your computer to boot from CD, follow these steps here.
  • After a few minutes your system should display the REATOGO-X-PE desktop.
  • Double-click the OTLPE icon.
  • When you are asked "Do you wish to load the remote registry", choose Yes.
  • When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
  • Make sure that the box "Automatically Load All Remaining Users" is selected and press OK.
  • OTLpe should now start.

    http://image.hijackthis.de/upload/hjt1-034.jpg
  • Press Run Scan to start the scan.
  • When the scan is finished, the files C:\OTL.Txt and C:\Extras.Txt are saved and opened with Notepad++.
  • Copy this file to your USB stick if you have no Internet connection on this system.
  • Please post the contents of C:\OTL.Txt and Extras.Txt in this thread.

If you don't have a burning program:

ISOBurner
The program will let you burn OTLPE to a CD and make it bootable.
You only need to install the tool; the rest runs automatically => How do I burn an ISO file to CD/DVD.

Dendemann 30.08.2010 13:40

But I can't boot at all, because the screen stays black.

Swisstreasure 30.08.2010 14:07

Doesn't it work with a boot CD either?

Dendemann 30.08.2010 15:40

Now it worked!

OTL EXTRAS logfile:
Code:

OTL Extras logfile created on: 8/30/2010 4:53:10 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 24.98 Gb Free Space | 32.18% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD\PowerDVD.exe" = C:\Programme\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A2000AF-79DE-47FB-8411-BA22F981917F}" = Tropico 2: Die Pirateninsel
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4B9919E4-6E86-485A-82CC-4E353B221031}" = Nero 7 Essentials
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D04F5C2-704D-4DB8-84FF-22300783D7F8}" = capella 2008
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91E30407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alarm für Cobra 11" = Alarm für Cobra 11
"Album Cover Finder_is1" = Album Cover Finder v.6.5.0
"Ask Toolbar_is1" = Vuze Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CamStudio" = CamStudio
"Cool Edit 2000" = Cool Edit 2000
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity_EU" = Drift City
"DXFSharpViewer 2" = DXF Sharp Viewer 2.0.21
"eMule" = eMule
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreeStar Free AMR MP3 Converter" = FreeStar Free AMR MP3 Converter 1.0.1
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HHD Hex Editor 4.x" = HHD Software Free Hex Editor Neo 4.71
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"InterActual Player" = InterActual Player
"InternetGameBox" = InternetGameBox
"IrfanView" = IrfanView (remove only)
"IsoBuster Toolbar" = IsoBuster Toolbar
"IsoBuster_is1" = IsoBuster 2.4
"LilyPond" = LilyPond
"Luxor" = Luxor
"Magic Ball 2" = Magic Ball 2
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 (D)
"MAGIX music maker 2006 D" = MAGIX music maker 2006 (D)
"MAGIX Music Manager 2006 D" = MAGIX Music Manager 2006 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSNINST" = MSN
"Multi_Media_Germany Toolbar" = Multi_Media_Germany Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"PRIME BACKUP" = PRIME BACKUP
"Radar Sync Bar" = Radar Sync Bar
"Rainbow Web 2" = Rainbow Web 2
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"RTL Winter Sports 2009 (Demo)" = RTL Winter Sports 2009 (Demo)
"Secured eMule" = Secured eMule
"Share Accelerator MM Toolbar" = Share Accelerator MM Toolbar
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Squash It" = Squash It
"Steam" = Steam
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 0.9.9
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Wall Street Guru" = Wall Street Guru Beta 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wild Races_is1" = Wild Races
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard
"ygekcce" = Favorit
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator
"ZDFsport_Bildschirmschoner" = ZDFsport_Bildschirmschoner Screen Saver
"Zuma Deluxe" = Zuma Deluxe
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"BitTorrent DNA" = DNA
"sc09-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2009
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"tc08-DE_SEVENONE_MAIN" = IKK Direkt Mountainbike Challenge 08
 
< End of report >

--- --- ---
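An Extras report like the one above can be triaged mechanically before a helper reads it line by line. The following Python sketch is an added example, not part of the thread and not code from OTL: it parses the section / registry key / value layout of the report and flags Security Center notifications that are switched off, a disabled firewall profile, and uninstall entries for products the thread names as rogue. The function names and the `ROGUE_NAMES` list are assumptions made for this example; the sample input is a shortened excerpt of the log posted above.

```python
import re

# Layout of an OTL Extras report: "===== Section =====", "[registry key]", '"name" = value'
SECTION_RE = re.compile(r"^=+ (.+?) =+$")
KEY_RE = re.compile(r"^\[(HKEY_.+)\]$")
VALUE_RE = re.compile(r'^"(.+?)" = (.*)$')

# Assumption for this example: the product names the thread itself calls rogue.
ROGUE_NAMES = ("antimalware doctor", "security suite")

# Shortened excerpt of the Extras log posted in the thread.
SAMPLE_LOG = r'''
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"BitTorrent DNA" = DNA

< End of report >
'''


def parse_otl(text):
    """Yield (section, registry_key, value_name, value_data) for each value line."""
    section, key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section, key = m.group(1), None  # a new section resets the current key
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and section and key:
            yield section, key, m.group(1), m.group(2).strip()


def triage(text):
    """Return a list of (kind, item, registry_key) findings worth a helper's attention."""
    findings = []
    for section, key, name, value in parse_otl(text):
        leaf = key.rsplit("\\", 1)[-1]
        if leaf == "Security Center" and name.endswith("DisableNotify") and value == "1":
            # Security Center will not warn about this protection being off.
            findings.append(("alert-suppressed", name, key))
        elif leaf in ("StandardProfile", "DomainProfile") \
                and name == "EnableFirewall" and value == "0":
            findings.append(("firewall-off", leaf, key))
        elif "Uninstall List" in section \
                and any(rogue in value.lower() for rogue in ROGUE_NAMES):
            # Display name matches a product the thread identifies as rogue.
            findings.append(("rogue-product", value, key))
    return findings


if __name__ == "__main__":
    for kind, item, key in triage(SAMPLE_LOG):
        print(f"{kind:17} {item:25} {key}")
```

A finding here is a prompt for review, not proof of infection: the notification and firewall values can also be set by the user or by a third-party security product.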

Dendemann 30.08.2010 15:55

OTL Logfile:
Code:

OTL logfile created on: 8/30/2010 4:53:10 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 24.98 Gb Free Space | 32.18% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/30 07:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/12 17:37:24 | 000,464,264 | ---- | M] () [Auto] -- C:\Programme\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2007/09/05 12:46:02 | 000,374,272 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\Windows\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/25 16:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2010/08/30 03:55:11 | 000,138,272 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\drivers\qcfc8bf.sys -- (qcfc8bf)
DRV - [2009/12/07 15:20:06 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/03 20:34:08 | 000,122,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/06/03 20:34:08 | 000,115,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/06/03 20:34:08 | 000,090,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/06/03 20:34:08 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/06/03 20:34:06 | 000,117,544 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/06/03 20:34:06 | 000,111,784 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/06/03 20:34:06 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/26 23:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/26 23:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/26 23:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/26 23:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/26 23:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/26 23:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/26 23:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/04/13 05:53:26 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2008/01/09 07:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\Windows\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\system32\drivers\iaStor.sys -- (IASTOR)
DRV - [2007/07/10 03:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/22 16:35:00 | 006,346,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/11 05:38:37 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/11 09:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 09:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/30 12:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/13 04:12:00 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/03/01 11:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 14:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/01 03:38:54 | 000,033,792 | ---- | M] (KM Software Team) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2007/01/29 20:20:04 | 000,361,728 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 20:19:48 | 000,039,680 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/01/22 05:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/20 12:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 14:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/19 08:28:00 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/16 09:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2006/02/28 08:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2005/08/01 11:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/04/04 10:25:00 | 000,015,340 | ---- | M] (NT Kernel Resources) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2005/01/07 12:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/06 08:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/03 18:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 18:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\***_ON_C\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
IE - HKU\***_ON_C\..\URLSearchHook: {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
IE - HKU\***_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\***_ON_C\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
 
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 29 93 1C 67 97 CA 01  [binary data]
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009/05/18 04:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
 
[2010/08/30 06:36:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009/08/15 17:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/03/15 09:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008/10/13 14:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008/02/19 10:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006/12/03 11:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006/11/17 07:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\***\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [HCWemmon] C:\WINDOWS\HCWemmon.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vucfcbae] C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\Dominik_ON_C..\Run: [mediafix70700en02.exe] C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe (_ON_C..\Run: [NCLaunch] C:\Windows\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKU\***_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\***_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\***_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
O4 - HKU\***_ON_C..\Run: [vucfcbae] C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [ygekcce] c:\dokumente und einstellungen\dominik\lokale einstellungen\anwendungsdaten\ygekcce.exe File not found
O4 - HKU\***_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu Acceleration Engine.lnk = C:\Programme\Zapu\Zapu\wincm.exe (IPortent)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu.lnk = C:\Programme\Zapu\Zapu\wDivi.exe (IPortent)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198241952502 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://games.icq.com/online/online2/zuma/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/08/30 03:55:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Favoriten
[2010/08/30 03:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun
[2010/08/30 03:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010/08/30 03:52:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2010/08/13 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2008/07/15 15:12:04 | 023,766,320 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2008/04/23 08:28:47 | 059,782,440 | ---- | C] (Apple Inc.) -- C:\Programme\iTunesSetup.exe
[2006/02/18 22:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\Fonts\RandFont.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/08/30 09:42:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/30 09:42:10 | 2145,767,424 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/30 06:48:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/30 06:28:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/30 05:04:13 | 000,002,843 | ---- | M] () -- C:\zrpt.xml
[2010/08/30 03:55:11 | 000,138,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\qcfc8bf.sys
[2010/08/30 03:54:44 | 000,159,264 | ---- | M] () -- C:\WINDOWS\System32\_tmpf
[2010/08/30 03:52:59 | 000,001,239 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,227 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,207 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/08/30 03:18:41 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/30 03:16:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 18:32:48 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/08/29 18:32:41 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/29 18:32:00 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2010/08/29 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Dominik.job
[2010/08/29 06:43:10 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk
[2010/08/29 05:44:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Outlook 2003.lnk
[2010/08/28 10:19:30 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office PowerPoint 2003.lnk
[2010/08/28 09:26:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/08/30 03:55:11 | 000,138,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\qcfc8bf.sys
[2010/08/30 03:54:42 | 000,159,264 | ---- | C] () -- C:\WINDOWS\System32\_tmpf
[2010/08/30 03:53:17 | 000,002,843 | ---- | C] () -- C:\zrpt.xml
[2010/08/30 03:52:59 | 000,001,239 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,227 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,207 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/08/29 18:31:59 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2009/12/25 13:19:31 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/12/25 13:19:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/12/25 13:15:27 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/10/16 13:34:53 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\setup_ldm.iss
[2009/10/12 16:38:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/10/03 12:34:15 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:09:05 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/09 15:08:51 | 001,572,864 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\NTUSER.DAT
[2009/09/09 15:08:51 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2009/09/09 15:08:51 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2009/06/16 11:05:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Crocclip.INI
[2009/05/28 08:07:25 | 000,000,910 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2009/04/04 15:52:05 | 000,313,542 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_nav.dat
[2009/04/04 15:52:05 | 000,003,105 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce.dat
[2009/04/04 15:52:05 | 000,001,266 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_navps.dat
[2008/11/04 12:30:52 | 002,100,210 | ---- | C] () -- C:\Dokumente und Einstellungen\***\ProductContextC5100.log
[2008/10/29 18:10:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/12 07:04:37 | 000,000,111 | ---- | C] () -- C:\Dokumente und Einstellungen\***\default.pls
[2008/04/22 12:18:48 | 000,879,872 | ---- | C] () -- C:\Programme\Google_Updater.exe
[2008/04/20 13:16:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/20 08:07:10 | 001,440,047 | ---- | C] () -- C:\Programme\wrar371d.exe
[2008/04/14 07:35:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/04/13 17:02:51 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2008/04/13 17:01:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2008/04/13 17:01:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2008/04/13 17:01:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2008/04/13 17:01:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2008/04/13 17:00:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/04/13 16:59:28 | 000,007,232 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2008/04/13 05:57:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2008/04/13 05:43:05 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2008/04/13 05:39:34 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/04/09 15:58:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/01/03 15:23:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008/01/03 15:22:44 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008/01/03 15:22:38 | 000,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/03 15:22:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/01/03 15:22:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2008/01/03 15:19:44 | 000,002,120 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/01/03 15:18:28 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2008/01/03 15:18:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/25 11:54:04 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\***\reglog.txt
[2007/12/25 08:03:20 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/24 19:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/12/23 06:48:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/23 06:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/12/21 09:17:32 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/12/21 08:14:18 | 008,126,464 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2007/12/21 08:14:18 | 000,016,384 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2007/12/21 08:14:18 | 000,000,300 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2007/12/05 09:49:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/05 09:42:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2007/12/05 09:42:46 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2007/12/05 09:42:46 | 000,106,496 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2007/12/05 09:32:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 09:32:27 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 09:32:25 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 09:32:23 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 09:31:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/12/05 09:31:44 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007/12/05 09:31:27 | 000,262,144 | ---- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat
[2007/12/05 09:31:27 | 000,008,192 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat.LOG
[2007/12/05 09:30:53 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/12/05 08:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 16:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2010/08/30 06:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\P***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2010/03/11 14:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Audacity
[2009/12/05 18:15:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Azureus
[2008/08/13 18:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\capella-software
[2010/08/30 06:38:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DNA
[2008/11/03 07:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2008/04/15 03:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar
[2008/04/11 12:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Leadertech
[2008/04/13 05:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MAGIX
[2009/10/23 09:57:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NPLUTO Corporation
[2009/01/02 09:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ProtectDisc
[2009/01/05 13:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sony
[2009/05/18 05:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\streamripper
[2007/12/25 10:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
[2008/04/14 07:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue
[2009/10/08 06:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ZapSpot
[2009/09/09 15:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

Swisstreasure 30.08.2010 16:55

Step 1

Uninstall programs

Since some programs and anti-spyware programs may hinder us during the cleanup (e.g. through constantly running background guards), are unnecessary or harmful, or are simply no longer needed, I ask you to completely uninstall the following programs via Control Panel => Add or Remove Programs.
Code:

Antimalware Doctor
Let me know if a program cannot be uninstalled. Once the cleanup is finished, we can look at which of them you can/should reinstall.


Fixing with OTL
  • Start OTLPE.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:

IMPORTANT: Replace every XXX in the script with the correct name!

Code:

:OTL
DRV - [2010/08/30 03:55:11 | 000,138,272 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\drivers\qcfc8bf.sys -- (qcfc8bf)
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe File not found
[2010/08/30 03:55:11 | 000,138,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\qcfc8bf.sys
[2010/08/30 03:54:42 | 000,159,264 | ---- | C] () -- C:\WINDOWS\System32\_tmpf
[2010/08/30 03:53:17 | 000,002,843 | ---- | C] () -- C:\zrpt.xml
[2010/08/30 03:52:59 | 000,001,239 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,227 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Antimalware Doctor.lnk
[2010/08/30 03:52:59 | 000,001,207 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
:Commands
[purity]
[emptytemp]


Dendemann 30.08.2010 18:20

I couldn't uninstall the program and just deleted it.
After I press Yes when it asks whether I want to reboot, nothing happens though. Should I restart it myself?

Swisstreasure 30.08.2010 18:23

So after the fix with OTLPE?

Yes, restart once and see whether you can boot normally.

Dendemann 30.08.2010 19:19

Unfortunately I still can't boot normally, but I have the report.


Code:

========== OTL ==========
Service\Driver key qcfc8bf not found.
File C:\WINDOWS\System32\drivers\qcfc8bf.sys not found.
Unable to set value : HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E!
File move failed. C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk scheduled to be moved on reboot.
File C:\WINDOWS\System32\drivers\qcfc8bf.sys not found.
File C:\WINDOWS\System32\_tmpf not found.
File C:\zrpt.xml not found.
File C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk not found.
File C:\Dokumente und Einstellungen\***\Desktop\Antimalware Doctor.lnk not found.
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.40.0 log created on 08302010_201526

Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk not found!
File\Folder C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Antimalware Doctor.lnk not found!

Registry entries deleted on Reboot...


Swisstreasure 30.08.2010 19:25

Did you replace the XXX with the correct name before running the script?

Run another OTL scan with OTLPE.

Dendemann 30.08.2010 19:35

OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 8/30/2010 10:29:18 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 29.78 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive F: | 15.05 Gb Total Space | 13.96 Gb Free Space | 92.76% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD\PowerDVD.exe" = C:\Programme\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A2000AF-79DE-47FB-8411-BA22F981917F}" = Tropico 2: Die Pirateninsel
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4B9919E4-6E86-485A-82CC-4E353B221031}" = Nero 7 Essentials
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D04F5C2-704D-4DB8-84FF-22300783D7F8}" = capella 2008
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91E30407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alarm für Cobra 11" = Alarm für Cobra 11
"Album Cover Finder_is1" = Album Cover Finder v.6.5.0
"Ask Toolbar_is1" = Vuze Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CamStudio" = CamStudio
"Cool Edit 2000" = Cool Edit 2000
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity_EU" = Drift City
"DXFSharpViewer 2" = DXF Sharp Viewer 2.0.21
"eMule" = eMule
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreeStar Free AMR MP3 Converter" = FreeStar Free AMR MP3 Converter 1.0.1
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HHD Hex Editor 4.x" = HHD Software Free Hex Editor Neo 4.71
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"InterActual Player" = InterActual Player
"InternetGameBox" = InternetGameBox
"IrfanView" = IrfanView (remove only)
"IsoBuster Toolbar" = IsoBuster Toolbar
"IsoBuster_is1" = IsoBuster 2.4
"LilyPond" = LilyPond
"Luxor" = Luxor
"Magic Ball 2" = Magic Ball 2
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 (D)
"MAGIX music maker 2006 D" = MAGIX music maker 2006 (D)
"MAGIX Music Manager 2006 D" = MAGIX Music Manager 2006 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSNINST" = MSN
"Multi_Media_Germany Toolbar" = Multi_Media_Germany Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"PRIME BACKUP" = PRIME BACKUP
"Radar Sync Bar" = Radar Sync Bar
"Rainbow Web 2" = Rainbow Web 2
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"RTL Winter Sports 2009 (Demo)" = RTL Winter Sports 2009 (Demo)
"Secured eMule" = Secured eMule
"Share Accelerator MM Toolbar" = Share Accelerator MM Toolbar
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Squash It" = Squash It
"Steam" = Steam
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 0.9.9
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Wall Street Guru" = Wall Street Guru Beta 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wild Races_is1" = Wild Races
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard
"ygekcce" = Favorit
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator
"ZDFsport_Bildschirmschoner" = ZDFsport_Bildschirmschoner Screen Saver
"Zuma Deluxe" = Zuma Deluxe
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Dominik_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"BitTorrent DNA" = DNA
"sc09-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2009
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"tc08-DE_SEVENONE_MAIN" = IKK Direkt Mountainbike Challenge 08
 
< End of report >

--- --- ---

Dendemann 30.08.2010 19:45

OTL Logfile:
Code:

OTL logfile created on: 8/30/2010 10:29:18 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 29.78 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive F: | 15.05 Gb Total Space | 13.96 Gb Free Space | 92.76% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/30 07:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/12 17:37:24 | 000,464,264 | ---- | M] () [Auto] -- C:\Programme\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2007/09/05 12:46:02 | 000,374,272 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\Windows\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/25 16:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/12/07 15:20:06 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/03 20:34:08 | 000,122,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/06/03 20:34:08 | 000,115,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/06/03 20:34:08 | 000,090,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/06/03 20:34:08 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/06/03 20:34:06 | 000,117,544 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/06/03 20:34:06 | 000,111,784 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/06/03 20:34:06 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/26 23:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/26 23:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/26 23:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/26 23:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/26 23:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/26 23:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/26 23:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/04/13 05:53:26 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2008/01/09 07:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\Windows\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\system32\drivers\iaStor.sys -- (IASTOR)
DRV - [2007/07/10 03:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/22 16:35:00 | 006,346,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/11 05:38:37 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/11 09:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 09:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/30 12:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/13 04:12:00 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/03/01 11:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 14:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/01 03:38:54 | 000,033,792 | ---- | M] (KM Software Team) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2007/01/29 20:20:04 | 000,361,728 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 20:19:48 | 000,039,680 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/01/22 05:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/20 12:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 14:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/19 08:28:00 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/16 09:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2006/02/28 08:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2005/08/01 11:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/04/04 10:25:00 | 000,015,340 | ---- | M] (NT Kernel Resources) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2005/01/07 12:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/06 08:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/03 18:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 18:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\***_ON_C\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
IE - HKU\***_ON_C\..\URLSearchHook: {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
IE - HKU\***_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\***_ON_C\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
 
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 29 93 1C 67 97 CA 01  [binary data]
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009/05/18 04:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
 
[2010/08/30 06:36:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009/08/15 17:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/03/15 09:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008/10/13 14:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008/02/19 10:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006/12/03 11:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006/11/17 07:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\***\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [HCWemmon] C:\WINDOWS\HCWemmon.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vucfcbae] C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\***_ON_C..\Run: [mediafix70700en02.exe] C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe (MS)
O4 - HKU\***_ON_C..\Run: [NCLaunch] C:\Windows\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKU\***_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\***_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKU\***_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\***_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
O4 - HKU\***_ON_C..\Run: [vucfcbae] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [ygekcce] c:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\ygekcce.exe File not found
O4 - HKU\***_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu Acceleration Engine.lnk = C:\Programme\Zapu\Zapu\wincm.exe (IPortent)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu.lnk = C:\Programme\Zapu\Zapu\wDivi.exe (IPortent)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Sono_Bello_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198241952502 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://games.icq.com/online/online2/zuma/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/08/30 20:00:36 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/08/30 20:00:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/30 16:55:08 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2010/08/30 03:55:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Favoriten
[2010/08/30 03:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun
[2010/08/30 03:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010/08/30 03:52:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2010/08/13 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2008/07/15 15:12:04 | 023,766,320 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2008/04/23 08:28:47 | 059,782,440 | ---- | C] (Apple Inc.) -- C:\Programme\iTunesSetup.exe
[2006/02/18 22:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\Fonts\RandFont.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010/08/30 22:28:23 | 000,786,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2010/08/30 20:32:14 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2010/08/30 14:33:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/30 14:33:11 | 2145,767,424 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/30 06:48:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/30 06:28:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/30 03:18:41 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/30 03:16:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/08/29 18:32:41 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/29 18:32:00 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2010/08/29 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for ***.job
[2010/08/29 06:43:10 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk
[2010/08/29 05:44:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Outlook 2003.lnk
[2010/08/28 10:19:30 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office PowerPoint 2003.lnk
[2010/08/28 09:26:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 
========== Files Created - No Company Name ==========
 
[2010/08/29 18:31:59 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2009/12/25 13:19:31 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/12/25 13:19:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/12/25 13:15:27 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/10/16 13:34:53 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\setup_ldm.iss
[2009/10/12 16:38:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/10/03 12:34:15 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:09:05 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/09 15:08:51 | 001,572,864 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2009/09/09 15:08:51 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2009/09/09 15:08:51 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2009/06/16 11:05:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Crocclip.INI
[2009/05/28 08:07:25 | 000,000,910 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2009/04/04 15:52:05 | 000,313,542 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_nav.dat
[2009/04/04 15:52:05 | 000,003,105 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce.dat
[2009/04/04 15:52:05 | 000,001,266 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_navps.dat
[2008/11/04 12:30:52 | 002,100,210 | ---- | C] () -- C:\Dokumente und Einstellungen\***\ProductContextC5100.log
[2008/10/29 18:10:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/12 07:04:37 | 000,000,111 | ---- | C] () -- C:\Dokumente und Einstellungen\***\default.pls
[2008/04/22 12:18:48 | 000,879,872 | ---- | C] () -- C:\Programme\Google_Updater.exe
[2008/04/20 13:16:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/20 08:07:10 | 001,440,047 | ---- | C] () -- C:\Programme\wrar371d.exe
[2008/04/14 07:35:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/04/13 17:02:51 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2008/04/13 17:01:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2008/04/13 17:01:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2008/04/13 17:01:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2008/04/13 17:01:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2008/04/13 17:00:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/04/13 16:59:28 | 000,007,232 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2008/04/13 05:57:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2008/04/13 05:43:05 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2008/04/13 05:39:34 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/04/09 15:58:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/01/03 15:23:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008/01/03 15:22:44 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008/01/03 15:22:38 | 000,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/03 15:22:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/01/03 15:22:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2008/01/03 15:19:44 | 000,002,120 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/01/03 15:18:28 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2008/01/03 15:18:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/25 11:54:04 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\***\reglog.txt
[2007/12/25 08:03:20 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/24 19:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/12/23 06:48:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/23 06:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/12/21 09:17:32 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/12/21 08:14:18 | 008,126,464 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2007/12/21 08:14:18 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2007/12/21 08:14:18 | 000,000,300 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2007/12/05 09:49:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/05 09:42:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2007/12/05 09:42:46 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2007/12/05 09:42:46 | 000,024,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2007/12/05 09:32:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 09:32:27 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 09:32:25 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 09:32:23 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 09:31:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/12/05 09:31:44 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007/12/05 09:31:27 | 000,262,144 | ---- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat
[2007/12/05 09:31:27 | 000,008,192 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat.LOG
[2007/12/05 09:30:53 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/12/05 08:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 16:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2010/08/30 06:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2010/03/11 14:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Audacity
[2009/12/05 18:15:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Azureus
[2008/08/13 18:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\capella-software
[2010/08/30 06:38:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DNA
[2008/11/03 07:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2008/04/15 03:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar
[2008/04/11 12:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Leadertech
[2008/04/13 05:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MAGIX
[2009/10/23 09:57:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NPLUTO Corporation
[2009/01/02 09:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ProtectDisc
[2009/01/05 13:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sony
[2009/05/18 05:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\streamripper
[2007/12/25 10:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
[2008/04/14 07:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue
[2009/10/08 06:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ZapSpot
[2009/09/09 15:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

Swisstreasure 30.08.2010 20:08

So if you try to start the system in normal or safe mode, it doesn't work?

Dendemann 30.08.2010 20:15

No, the screen stays black, and every 30 seconds the fan briefly switches off and then starts up again.

Swisstreasure 30.08.2010 21:21

Fixing with OTL
  • Start OTLPE.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
    Replace XXX again here as well!!!
Code:

:OTL
O4 - HKLM..\Run: [vucfcbae] C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [vucfcbae] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe ()
O4 - HKU\***_ON_C..\Run: [ygekcce] c:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\ygekcce.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu Acceleration Engine.lnk = C:\Programme\Zapu\Zapu\wincm.exe (IPortent)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu.lnk = C:\Programme\Zapu\Zapu\wDivi.exe (IPortent)
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
[2010/08/30 03:52:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2010/08/30 03:55:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Favoriten
[2010/08/30 03:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun
[2010/08/30 03:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010/08/30 03:52:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
[2009/04/04 15:52:05 | 000,313,542 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_nav.dat
[2009/04/04 15:52:05 | 000,003,105 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce.dat
[2009/04/04 15:52:05 | 000,001,266 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_navps.dat
[2008/04/20 08:07:10 | 001,440,047 | ---- | C] () -- C:\Programme\wrar371d.exe
[2010/08/30 06:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
:Files
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun
:Commands
[purity]
[emptytemp]


Dendemann 30.08.2010 22:27

Code:

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vucfcbae deleted successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe moved successfully.
Registry value HKEY_USERS\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vucfcbae deleted successfully.
File C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun\cvoooakshdw.exe not found.
Registry value HKEY_USERS\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\ygekcce deleted successfully.
C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu Acceleration Engine.lnk moved successfully.
C:\Programme\Zapu\Zapu\wincm.exe moved successfully.
C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Zapu.lnk moved successfully.
C:\Programme\Zapu\Zapu\wDivi.exe moved successfully.
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6 folder moved successfully.
C:\Dokumente und Einstellungen\LocalService\Favoriten folder moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun folder moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Windows Server folder moved successfully.
Folder C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\ not found.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_nav.dat moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce.dat moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ygekcce_navps.dat moved successfully.
C:\Programme\wrar371d.exe moved successfully.
Folder C:\Dokumente und Einstellungen\***\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\ not found.
========== FILES ==========
File\Folder C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\bvuiqndun not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.40.0 log created on 08312010_030245

Files\Folders moved on Reboot...
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Swisstreasure 31.08.2010 06:55

Always let me know briefly how it is going.

Dendemann 31.08.2010 09:31

I was able to select safe mode, but it crashed after that.

Swisstreasure 31.08.2010 10:58

Please create a new OTL log with OTLPE and post it here.

Dendemann 31.08.2010 12:18

OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 8/31/2010 8:07:09 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 31.78 Gb Free Space | 40.93% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD\PowerDVD.exe" = C:\Programme\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A2000AF-79DE-47FB-8411-BA22F981917F}" = Tropico 2: Die Pirateninsel
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4B9919E4-6E86-485A-82CC-4E353B221031}" = Nero 7 Essentials
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D04F5C2-704D-4DB8-84FF-22300783D7F8}" = capella 2008
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91E30407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alarm für Cobra 11" = Alarm für Cobra 11
"Album Cover Finder_is1" = Album Cover Finder v.6.5.0
"Ask Toolbar_is1" = Vuze Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CamStudio" = CamStudio
"Cool Edit 2000" = Cool Edit 2000
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity_EU" = Drift City
"DXFSharpViewer 2" = DXF Sharp Viewer 2.0.21
"eMule" = eMule
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreeStar Free AMR MP3 Converter" = FreeStar Free AMR MP3 Converter 1.0.1
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HHD Hex Editor 4.x" = HHD Software Free Hex Editor Neo 4.71
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"InterActual Player" = InterActual Player
"InternetGameBox" = InternetGameBox
"IrfanView" = IrfanView (remove only)
"IsoBuster Toolbar" = IsoBuster Toolbar
"IsoBuster_is1" = IsoBuster 2.4
"LilyPond" = LilyPond
"Luxor" = Luxor
"Magic Ball 2" = Magic Ball 2
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 (D)
"MAGIX music maker 2006 D" = MAGIX music maker 2006 (D)
"MAGIX Music Manager 2006 D" = MAGIX Music Manager 2006 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSNINST" = MSN
"Multi_Media_Germany Toolbar" = Multi_Media_Germany Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"PRIME BACKUP" = PRIME BACKUP
"Radar Sync Bar" = Radar Sync Bar
"Rainbow Web 2" = Rainbow Web 2
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"RTL Winter Sports 2009 (Demo)" = RTL Winter Sports 2009 (Demo)
"Secured eMule" = Secured eMule
"Share Accelerator MM Toolbar" = Share Accelerator MM Toolbar
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Squash It" = Squash It
"Steam" = Steam
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 0.9.9
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Wall Street Guru" = Wall Street Guru Beta 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wild Races_is1" = Wild Races
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard
"ygekcce" = Favorit
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator
"ZDFsport_Bildschirmschoner" = ZDFsport_Bildschirmschoner Screen Saver
"Zuma Deluxe" = Zuma Deluxe
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"BitTorrent DNA" = DNA
"sc09-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2009
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"tc08-DE_SEVENONE_MAIN" = IKK Direkt Mountainbike Challenge 08
 
< End of report >

--- --- ---

Dendemann 31.08.2010 12:33

OTL Logfile:
Code:

OTL logfile created on: 8/31/2010 8:07:09 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 31.78 Gb Free Space | 40.93% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/30 07:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/12 17:37:24 | 000,464,264 | ---- | M] () [Auto] -- C:\Programme\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2007/09/05 12:46:02 | 000,374,272 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\Windows\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/25 16:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/12/07 15:20:06 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/03 20:34:08 | 000,122,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/06/03 20:34:08 | 000,115,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/06/03 20:34:08 | 000,090,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/06/03 20:34:08 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/06/03 20:34:06 | 000,117,544 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/06/03 20:34:06 | 000,111,784 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/06/03 20:34:06 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/26 23:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/26 23:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/26 23:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/26 23:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/26 23:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/26 23:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/26 23:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/04/13 05:53:26 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2008/01/09 07:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\Windows\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\system32\drivers\iaStor.sys -- (IASTOR)
DRV - [2007/07/10 03:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/22 16:35:00 | 006,346,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/11 05:38:37 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/11 09:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 09:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/30 12:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/13 04:12:00 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/03/01 11:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 14:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/01 03:38:54 | 000,033,792 | ---- | M] (KM Software Team) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2007/01/29 20:20:04 | 000,361,728 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 20:19:48 | 000,039,680 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/01/22 05:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/20 12:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 14:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/19 08:28:00 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/16 09:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2006/02/28 08:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2005/08/01 11:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/04/04 10:25:00 | 000,015,340 | ---- | M] (NT Kernel Resources) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2005/01/07 12:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/06 08:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/03 18:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 18:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\***_ON_C\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
IE - HKU\***_ON_C\..\URLSearchHook: {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
IE - HKU\***_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Dominik_ON_C\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
 
 
 
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 29 93 1C 67 97 CA 01  [binary data]
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009/05/18 04:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
 
[2010/08/30 06:36:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009/08/15 17:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/03/15 09:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008/10/13 14:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008/02/19 10:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006/12/03 11:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006/11/17 07:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\***ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\ShellBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [HCWemmon] C:\WINDOWS\HCWemmon.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\***_ON_C..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\***_ON_C..\Run: [mediafix70700en02.exe] C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe File not found
O4 - HKU\***_ON_C..\Run: [NCLaunch] C:\Windows\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKU\***_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\***_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKU\***_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Dominik_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
O4 - HKU\***_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198241952502 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://games.icq.com/online/online2/zuma/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/08/30 20:00:36 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/08/30 20:00:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/30 16:55:08 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2010/08/13 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2008/07/15 15:12:04 | 023,766,320 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2008/04/23 08:28:47 | 059,782,440 | ---- | C] (Apple Inc.) -- C:\Programme\iTunesSetup.exe
[2006/02/18 22:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\Fonts\RandFont.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010/08/31 11:24:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/31 04:24:56 | 000,786,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2010/08/31 03:09:24 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2010/08/30 06:48:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/30 06:28:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/30 03:18:41 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/30 03:16:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/08/29 18:32:41 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/29 18:32:00 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2010/08/29 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for ***.job
[2010/08/29 06:43:10 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk
[2010/08/29 05:44:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Outlook 2003.lnk
[2010/08/28 10:19:30 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office PowerPoint 2003.lnk
[2010/08/28 09:26:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 
========== Files Created - No Company Name ==========
 
[2010/08/29 18:31:59 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Apocalyptica end of me.doc
[2009/12/25 13:19:31 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/12/25 13:19:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/12/25 13:15:27 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/10/16 13:34:53 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\setup_ldm.iss
[2009/10/12 16:38:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/10/03 12:34:15 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:09:05 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/09 15:08:51 | 001,572,864 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2009/09/09 15:08:51 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2009/09/09 15:08:51 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2009/06/16 11:05:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Crocclip.INI
[2009/05/28 08:07:25 | 000,000,910 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2008/11/04 12:30:52 | 002,100,210 | ---- | C] () -- C:\Dokumente und Einstellungen\***\ProductContextC5100.log
[2008/10/29 18:10:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/12 07:04:37 | 000,000,111 | ---- | C] () -- C:\Dokumente und Einstellungen\***\default.pls
[2008/04/22 12:18:48 | 000,879,872 | ---- | C] () -- C:\Programme\Google_Updater.exe
[2008/04/20 13:16:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/14 07:35:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/04/13 17:02:51 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2008/04/13 17:01:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2008/04/13 17:01:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2008/04/13 17:01:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2008/04/13 17:01:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2008/04/13 17:00:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/04/13 16:59:28 | 000,007,232 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2008/04/13 05:57:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2008/04/13 05:43:05 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2008/04/13 05:39:34 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/04/09 15:58:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/01/03 15:23:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008/01/03 15:22:44 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008/01/03 15:22:38 | 000,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/03 15:22:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/01/03 15:22:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2008/01/03 15:19:44 | 000,002,120 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/01/03 15:18:28 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2008/01/03 15:18:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/25 11:54:04 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\***\reglog.txt
[2007/12/25 08:03:20 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/24 19:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/12/23 06:48:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/23 06:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/12/21 09:17:32 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/12/21 08:14:18 | 008,126,464 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2007/12/21 08:14:18 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
[2007/12/21 08:14:18 | 000,000,300 | -HS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2007/12/05 09:49:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/05 09:42:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2007/12/05 09:42:46 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2007/12/05 09:42:46 | 000,024,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2007/12/05 09:32:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 09:32:27 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 09:32:25 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 09:32:23 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 09:31:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/12/05 09:31:44 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007/12/05 09:31:27 | 000,262,144 | ---- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat
[2007/12/05 09:31:27 | 000,008,192 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat.LOG
[2007/12/05 09:30:53 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/12/05 08:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 16:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2010/03/11 14:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Audacity
[2009/12/05 18:15:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Azureus
[2008/08/13 18:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\capella-software
[2010/08/30 06:38:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DNA
[2008/11/03 07:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2008/04/15 03:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar
[2008/04/11 12:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Leadertech
[2008/04/13 05:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MAGIX
[2009/10/23 09:57:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NPLUTO Corporation
[2009/01/02 09:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ProtectDisc
[2009/01/05 13:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sony
[2009/05/18 05:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\streamripper
[2007/12/25 10:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
[2008/04/14 07:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue
[2009/10/08 06:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ZapSpot
[2009/09/09 15:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TOSHIBA
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

Swisstreasure 31.08.2010 17:52

Step 1

Fixing with OTLPE
  • Start OTLPE.exe.
  • Vista and Windows 7 users: right-click OTLPE.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
SRV - [2008/11/12 17:37:24 | 000,464,264 | ---- | M] () [Auto] -- C:\Programme\AskBarDis\bar\bin\AskService.exe -- (ASKService)
O4 - HKU\***_ON_C..\Run: [mediafix70700en02.exe] C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6\mediafix70700en02.exe File not found
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
:Files
C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6
:Commands
[purity]
[emptytemp]


Step 2

Normal mode, or at least Safe Mode, should now work again. If so, run a full scan with Malwarebytes Anti-Malware.

Dendemann 31.08.2010 19:46

"Safe Mode" still does not work.

Code:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ASKService deleted successfully.
C:\Programme\AskBarDis\bar\bin\AskService.exe moved successfully.
Registry value HKEY_USERS\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\mediafix70700en02.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Programme\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_USERS\Dominik_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
========== FILES ==========
File\Folder C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\12CE49A3EB6D40E91B78314BBC4CE4F6 not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Dominik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Sono Bello
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.40.0 log created on 09012010_031325


Swisstreasure 01.09.2010 11:37

Could I see two new OTL logs again, please :)

Dendemann 01.09.2010 11:49

OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 9/1/2010 8:30:44 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 29.78 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive F: | 15.05 Gb Total Space | 13.96 Gb Free Space | 92.76% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD\PowerDVD.exe" = C:\Programme\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A2000AF-79DE-47FB-8411-BA22F981917F}" = Tropico 2: Die Pirateninsel
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4B9919E4-6E86-485A-82CC-4E353B221031}" = Nero 7 Essentials
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D04F5C2-704D-4DB8-84FF-22300783D7F8}" = capella 2008
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91E30407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alarm für Cobra 11" = Alarm für Cobra 11
"Album Cover Finder_is1" = Album Cover Finder v.6.5.0
"Ask Toolbar_is1" = Vuze Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CamStudio" = CamStudio
"Cool Edit 2000" = Cool Edit 2000
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity_EU" = Drift City
"DXFSharpViewer 2" = DXF Sharp Viewer 2.0.21
"eMule" = eMule
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FreeStar Free AMR MP3 Converter" = FreeStar Free AMR MP3 Converter 1.0.1
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HHD Hex Editor 4.x" = HHD Software Free Hex Editor Neo 4.71
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{C99EF05C-A49C-4C8C-902B-BD4B96A6F3A8}" = Keyboard Manager Utility
"InterActual Player" = InterActual Player
"InternetGameBox" = InternetGameBox
"IrfanView" = IrfanView (remove only)
"IsoBuster Toolbar" = IsoBuster Toolbar
"IsoBuster_is1" = IsoBuster 2.4
"LilyPond" = LilyPond
"Luxor" = Luxor
"Magic Ball 2" = Magic Ball 2
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 (D)
"MAGIX music maker 2006 D" = MAGIX music maker 2006 (D)
"MAGIX Music Manager 2006 D" = MAGIX Music Manager 2006 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSNINST" = MSN
"Multi_Media_Germany Toolbar" = Multi_Media_Germany Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"PRIME BACKUP" = PRIME BACKUP
"Radar Sync Bar" = Radar Sync Bar
"Rainbow Web 2" = Rainbow Web 2
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"RTL Winter Sports 2009 (Demo)" = RTL Winter Sports 2009 (Demo)
"Secured eMule" = Secured eMule
"Share Accelerator MM Toolbar" = Share Accelerator MM Toolbar
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Squash It" = Squash It
"Steam" = Steam
"Streamripper" = Streamripper (Remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 0.9.9
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Wall Street Guru" = Wall Street Guru Beta 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wild Races_is1" = Wild Races
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard
"ygekcce" = Favorit
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator
"ZDFsport_Bildschirmschoner" = ZDFsport_Bildschirmschoner Screen Saver
"Zuma Deluxe" = Zuma Deluxe
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Dominik_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"BitTorrent DNA" = DNA
"sc09-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2009
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010
"tc08-DE_SEVENONE_MAIN" = IKK Direkt Mountainbike Challenge 08
 
< End of report >

--- --- ---

Dendemann 01.09.2010 11:50

OTL Logfile:
Code:

OTL logfile created on: 9/1/2010 8:30:44 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 29.78 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive F: | 15.05 Gb Total Space | 13.96 Gb Free Space | 92.76% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/30 07:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2007/09/05 12:46:02 | 000,374,272 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\Windows\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/25 16:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/12/07 15:20:06 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/03 20:34:08 | 000,122,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/06/03 20:34:08 | 000,115,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/06/03 20:34:08 | 000,090,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/06/03 20:34:08 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/06/03 20:34:06 | 000,117,544 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/06/03 20:34:06 | 000,111,784 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/06/03 20:34:06 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/26 23:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/26 23:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/26 23:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/26 23:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/26 23:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/26 23:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/26 23:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/04/13 05:53:26 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2008/01/09 07:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\Windows\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\system32\drivers\iaStor.sys -- (IASTOR)
DRV - [2007/07/10 03:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/22 16:35:00 | 006,346,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/11 05:38:37 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/11 09:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 09:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/30 12:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/13 04:12:00 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/03/01 11:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 14:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/01 03:38:54 | 000,033,792 | ---- | M] (KM Software Team) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2007/01/29 20:20:04 | 000,361,728 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 20:19:48 | 000,039,680 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/01/22 05:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/20 12:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 14:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/19 08:28:00 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/16 09:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2006/02/28 08:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2005/08/01 11:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/04/04 10:25:00 | 000,015,340 | ---- | M] (NT Kernel Resources) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2005/01/07 12:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/06 08:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/03 18:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 18:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Dominik_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Dominik_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Dominik_ON_C\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
IE - HKU\Dominik_ON_C\..\URLSearchHook: {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
IE - HKU\Dominik_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Dominik_ON_C\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
 
 
 
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 29 93 1C 67 97 CA 01  [binary data]
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009/05/18 04:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
 
[2010/08/30 06:36:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009/08/15 17:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/03/15 09:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008/10/13 14:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008/02/19 10:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006/12/03 11:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006/11/17 07:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\ShellBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [HCWemmon] C:\WINDOWS\HCWemmon.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Dominik_ON_C..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\Dominik_ON_C..\Run: [NCLaunch] C:\Windows\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKU\Dominik_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\Dominik_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKU\Dominik_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Dominik_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
O4 - HKU\Sono_Bello_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Dominik_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Sono_Bello_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198241952502 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://games.icq.com/online/online2/zuma/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/08/30 20:00:36 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/08/30 20:00:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/30 16:55:08 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2010/08/13 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2008/07/15 15:12:04 | 023,766,320 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2008/04/23 08:28:47 | 059,782,440 | ---- | C] (Apple Inc.) -- C:\Programme\iTunesSetup.exe
[2006/02/18 22:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\Fonts\RandFont.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010/09/01 12:36:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/01 12:36:06 | 2145,767,424 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/01 03:34:50 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\Dominik\NTUSER.DAT
[2010/09/01 03:34:50 | 000,786,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2010/08/30 06:48:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/30 06:28:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/30 03:18:41 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/30 03:16:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/08/29 18:32:41 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/29 18:32:00 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Apocalyptica end of me.doc
[2010/08/29 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Dominik.job
[2010/08/29 06:43:10 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office Word 2003.lnk
[2010/08/29 05:44:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office Outlook 2003.lnk
[2010/08/28 10:19:30 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office PowerPoint 2003.lnk
[2010/08/28 09:26:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 
========== Files Created - No Company Name ==========
 
[2010/09/01 12:31:27 | 2145,767,424 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/29 18:31:59 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Apocalyptica end of me.doc
[2009/12/25 13:19:31 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/12/25 13:19:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/12/25 13:15:27 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/10/16 13:34:53 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\setup_ldm.iss
[2009/10/12 16:38:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\mxfilerelatedcache.mxc2
[2009/10/03 12:34:15 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:09:05 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/09 15:08:51 | 001,572,864 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\NTUSER.DAT
[2009/09/09 15:08:51 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\ntuser.dat.LOG
[2009/09/09 15:08:51 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\ntuser.ini
[2009/06/16 11:05:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Crocclip.INI
[2009/05/28 08:07:25 | 000,000,910 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2008/11/04 12:30:52 | 002,100,210 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\ProductContextC5100.log
[2008/10/29 18:10:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/12 07:04:37 | 000,000,111 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\default.pls
[2008/04/22 12:18:48 | 000,879,872 | ---- | C] () -- C:\Programme\Google_Updater.exe
[2008/04/20 13:16:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/14 07:35:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/04/13 17:02:51 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2008/04/13 17:01:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2008/04/13 17:01:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2008/04/13 17:01:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2008/04/13 17:01:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2008/04/13 17:00:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/04/13 16:59:28 | 000,007,232 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2008/04/13 05:57:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2008/04/13 05:43:05 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2008/04/13 05:39:34 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/04/09 15:58:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/01/03 15:23:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008/01/03 15:22:44 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008/01/03 15:22:38 | 000,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/03 15:22:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/01/03 15:22:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2008/01/03 15:19:44 | 000,002,120 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/01/03 15:18:28 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2008/01/03 15:18:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/25 11:54:04 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\reglog.txt
[2007/12/25 08:03:20 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/24 19:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/12/23 06:48:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/23 06:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/12/21 09:17:32 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/12/21 08:14:18 | 008,126,464 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\NTUSER.DAT
[2007/12/21 08:14:18 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\ntuser.dat.LOG
[2007/12/21 08:14:18 | 000,000,300 | -HS- | C] () -- C:\Dokumente und Einstellungen\Dominik\ntuser.ini
[2007/12/05 09:49:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/05 09:42:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2007/12/05 09:42:46 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2007/12/05 09:42:46 | 000,024,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2007/12/05 09:32:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 09:32:27 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 09:32:25 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 09:32:23 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 09:31:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/12/05 09:31:44 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007/12/05 09:31:27 | 000,262,144 | ---- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat
[2007/12/05 09:31:27 | 000,008,192 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat.LOG
[2007/12/05 09:30:53 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/12/05 08:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 16:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2010/03/11 14:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Audacity
[2009/12/05 18:15:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Azureus
[2008/08/13 18:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\capella-software
[2010/08/30 06:38:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\DNA
[2008/11/03 07:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ICQ
[2008/04/15 03:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ICQ Toolbar
[2008/04/11 12:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Leadertech
[2008/04/13 05:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\MAGIX
[2009/10/23 09:57:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\NPLUTO Corporation
[2009/01/02 09:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ProtectDisc
[2009/01/05 13:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Sony
[2009/05/18 05:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\streamripper
[2007/12/25 10:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\TOSHIBA
[2008/04/14 07:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Uniblue
[2009/10/08 06:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ZapSpot
[2009/09/09 15:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sono Bello\Anwendungsdaten\TOSHIBA
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

Swisstreasure 01.09.2010 15:01

Step 1

Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
:Commands
[purity]
[emptytemp]


Step 2

CustomScan with OTLPE
  • Double-click the OTLPE icon.
  • When you are asked "Do you wish to load the remote registry", choose Yes
  • When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes
  • Uncheck the box "Automatically Load All Remaining Users" if it is checked and press OK
  • Now copy the content into the http://billy-oneal.com/Canned%20Spee.../customFix.png text box.
Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemdrive%\*.sys /90 /md5


Dendemann 02.09.2010 09:50

Step 1 could not be carried out because the PC hangs while running it.

Step 2

Code:

OTL logfile created on: 9/2/2010 8:18:14 PM - Run
OTLPE by OldTimer - Version 3.1.40.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 77.63 Gb Total Space | 29.78 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive D: | 77.63 Gb Total Space | 59.77 Gb Free Space | 76.99% Space Free | Partition Type: NTFS
Drive E: | 77.62 Gb Total Space | 55.38 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive F: | 15.05 Gb Total Space | 13.96 Gb Free Space | 92.76% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/30 07:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2007/09/05 12:46:02 | 000,374,272 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\Windows\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/25 16:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/12/07 15:20:06 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/03 20:34:08 | 000,122,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/06/03 20:34:08 | 000,115,368 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/06/03 20:34:08 | 000,090,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/06/03 20:34:08 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/06/03 20:34:06 | 000,117,544 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/06/03 20:34:06 | 000,111,784 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/06/03 20:34:06 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/26 23:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/26 23:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/26 23:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/26 23:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/26 23:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/26 23:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/26 23:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/04/13 05:53:26 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2008/01/09 07:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\Windows\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\system32\drivers\iaStor.sys -- (IASTOR)
DRV - [2007/07/10 03:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/22 16:35:00 | 006,346,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/11 05:38:37 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/11 09:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 09:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/03/30 12:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/13 04:12:00 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/03/01 11:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 14:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/01 03:38:54 | 000,033,792 | ---- | M] (KM Software Team) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2007/01/29 20:20:04 | 000,361,728 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 20:19:48 | 000,039,680 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007/01/22 05:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/20 12:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 14:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/19 08:28:00 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/06/16 09:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2006/02/28 08:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2005/08/01 11:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/04/04 10:25:00 | 000,015,340 | ---- | M] (NT Kernel Resources) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2005/01/07 12:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\Windows\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/01/06 08:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/03 18:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 18:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Dominik_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/default.aspx
IE - HKU\Dominik_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Dominik_ON_C\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
IE - HKU\Dominik_ON_C\..\URLSearchHook: {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
IE - HKU\Dominik_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Dominik_ON_C\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Dominik_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
 
 
 
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 29 93 1C 67 97 CA 01  [binary data]
IE - HKU\Sono_Bello_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009/05/18 04:43:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/06/23 16:40:48 | 000,000,000 | ---D | M]
 
[2010/08/30 06:36:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009/08/15 17:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/03/15 09:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008/10/13 14:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008/02/19 10:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006/12/03 11:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006/11/17 07:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKLM\..\Toolbar: (Share Accelerator MM Toolbar) - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Multi Media Germany Toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Dominik_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\ShellBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\ShellBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Programme\IsoBuster\tbIso0.dll File not found
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Share Accelerator MM Toolbar) - {4596013B-6C31-408B-A266-DEAE5C086DC2} - C:\Programme\Share_Accelerator_MM\tbSha1.dll (Conduit Ltd.)
O3 - HKU\Sono_Bello_ON_C\..\Toolbar\WebBrowser: (Multi Media Germany Toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMult.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Programme\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [HCWemmon] C:\WINDOWS\HCWemmon.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Dominik_ON_C..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\Dominik_ON_C..\Run: [NCLaunch] C:\Windows\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKU\Dominik_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\Dominik_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKU\Dominik_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Dominik_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
O4 - HKU\Sono_Bello_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Dominik_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Sono_Bello_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198241952502 (WUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://games.icq.com/online/online2/zuma/popcaploader_v6.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010/08/30 20:00:36 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/08/30 20:00:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/30 16:55:08 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2010/08/13 18:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2010/07/21 14:27:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010/06/23 16:40:20 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010/06/23 16:37:29 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2008/07/15 15:12:04 | 023,766,320 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2008/04/23 08:28:47 | 059,782,440 | ---- | C] (Apple Inc.) -- C:\Programme\iTunesSetup.exe
[2006/02/18 22:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\Fonts\RandFont.dll
 
========== Files - Modified Within 90 Days ==========
 
[2010/09/02 04:29:23 | 000,786,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2010/09/01 12:36:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/01 12:36:06 | 2145,767,424 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/01 03:34:50 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\Dominik\NTUSER.DAT
[2010/08/30 06:48:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/30 06:28:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/30 03:18:41 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/30 03:16:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/08/29 18:32:48 | 000,237,568 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/08/29 18:32:41 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/29 18:32:00 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Apocalyptica end of me.doc
[2010/08/29 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Dominik.job
[2010/08/29 06:43:10 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office Word 2003.lnk
[2010/08/29 05:44:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office Outlook 2003.lnk
[2010/08/28 10:19:30 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office PowerPoint 2003.lnk
[2010/08/28 09:26:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/28 14:20:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/26 18:19:56 | 000,025,600 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Packliste.doc
[2010/07/18 00:07:56 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/17 15:16:56 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Desktop\Microsoft Office Excel 2003.lnk
[2010/07/09 01:36:15 | 006,092,918 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\123123.nrg
[2010/07/08 16:46:55 | 031,895,762 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Kathi Satelite.nrg
[2010/06/30 12:48:58 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/27 16:57:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/26 08:58:59 | 038,809,951 | ---- | M] () -- C:\Memo (41).mp3
[2010/06/26 08:56:48 | 004,259,551 | ---- | M] () -- C:\Memo (40).mp3
[2010/06/26 08:56:33 | 039,154,015 | ---- | M] () -- C:\Memo (39).mp3
[2010/06/26 08:54:29 | 036,745,951 | ---- | M] () -- C:\Memo (42).mp3
[2010/06/23 14:24:03 | 000,001,846 | ---- | M] () -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/06/22 10:43:42 | 001,572,864 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sono Bello\NTUSER.DAT
 
========== Files Created - No Company Name ==========
 
[2010/09/01 12:31:27 | 2145,767,424 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/29 18:31:59 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Apocalyptica end of me.doc
[2010/07/26 18:19:55 | 000,025,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Packliste.doc
[2010/07/09 01:36:14 | 006,092,918 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\123123.nrg
[2010/07/08 16:46:45 | 031,895,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Eigene Dateien\Kathi Satelite.nrg
[2010/06/26 08:56:48 | 038,809,951 | ---- | C] () -- C:\Memo (41).mp3
[2010/06/26 08:56:34 | 004,259,551 | ---- | C] () -- C:\Memo (40).mp3
[2010/06/26 08:54:29 | 039,154,015 | ---- | C] () -- C:\Memo (39).mp3
[2010/06/26 08:52:32 | 036,745,951 | ---- | C] () -- C:\Memo (42).mp3
[2009/12/25 13:19:31 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/12/25 13:19:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/12/25 13:15:27 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/10/16 13:34:53 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\setup_ldm.iss
[2009/10/12 16:38:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\mxfilerelatedcache.mxc2
[2009/10/03 12:34:15 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:09:05 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/09 15:08:51 | 001,572,864 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\NTUSER.DAT
[2009/09/09 15:08:51 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\ntuser.dat.LOG
[2009/09/09 15:08:51 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Sono Bello\ntuser.ini
[2009/06/16 11:05:41 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Crocclip.INI
[2009/05/28 08:07:25 | 000,000,910 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\mxfilerelatedcache.mxc2
[2009/05/05 13:24:52 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2008/11/04 12:30:52 | 002,100,210 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\ProductContextC5100.log
[2008/10/29 18:10:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/12 07:04:37 | 000,000,111 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\default.pls
[2008/04/22 12:18:48 | 000,879,872 | ---- | C] () -- C:\Programme\Google_Updater.exe
[2008/04/20 13:16:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/14 07:35:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/04/13 17:02:51 | 000,000,029 | ---- | C] () -- C:\WINDOWS\coolacm.ini
[2008/04/13 17:01:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2008/04/13 17:01:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2008/04/13 17:01:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COOLSYS.INI
[2008/04/13 17:01:16 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2008/04/13 17:00:41 | 000,000,029 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2008/04/13 16:59:28 | 000,007,232 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2008/04/13 05:57:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2008/04/13 05:43:05 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2008/04/13 05:39:34 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/04/09 15:58:24 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/01/03 15:23:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008/01/03 15:22:44 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008/01/03 15:22:38 | 000,032,135 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/03 15:22:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/01/03 15:22:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2008/01/03 15:19:44 | 000,002,120 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008/01/03 15:18:28 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2008/01/03 15:18:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/25 11:54:04 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\reglog.txt
[2007/12/25 08:03:20 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/24 19:29:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/12/23 06:48:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/23 06:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/12/21 09:17:32 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Dominik\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/12/21 08:14:18 | 008,126,464 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\NTUSER.DAT
[2007/12/21 08:14:18 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dominik\ntuser.dat.LOG
[2007/12/21 08:14:18 | 000,000,300 | -HS- | C] () -- C:\Dokumente und Einstellungen\Dominik\ntuser.ini
[2007/12/05 09:49:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/05 09:42:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2007/12/05 09:42:46 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2007/12/05 09:42:46 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,237,568 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2007/12/05 09:40:56 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2007/12/05 09:32:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 09:32:27 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 09:32:25 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 09:32:23 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 09:31:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/12/05 09:31:44 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007/12/05 09:31:27 | 000,262,144 | ---- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat
[2007/12/05 09:31:27 | 000,008,192 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\ntuser.dat.LOG
[2007/12/05 09:30:53 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/12/05 08:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 16:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
========== LOP Check ==========
 
[2010/03/11 14:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Audacity
[2009/12/05 18:15:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Azureus
[2008/08/13 18:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\capella-software
[2010/08/30 06:38:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\DNA
[2008/11/03 07:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ICQ
[2008/04/15 03:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ICQ Toolbar
[2008/04/11 12:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Leadertech
[2008/04/13 05:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\MAGIX
[2009/10/23 09:57:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\NPLUTO Corporation
[2009/01/02 09:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ProtectDisc
[2009/01/05 13:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Sony
[2009/05/18 05:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\streamripper
[2007/12/25 10:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\TOSHIBA
[2008/04/14 07:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Uniblue
[2009/10/08 06:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\ZapSpot
[2009/09/09 15:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sono Bello\Anwendungsdaten\TOSHIBA
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
[2010/07/18 00:07:56 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
 
 
< MD5 for: AGP440.SYS  >
[2006/02/28 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows\i386\sp2.cab:AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2006/02/28 08:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows\i386\sp2.cab:atapi.sys
[2006/02/28 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows\system32\dllcache\atapi.sys
[2006/02/28 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2006/02/28 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\Windows\system32\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Programme\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\oemdrv\IaStor.sys
[2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\system32\drivers\iaStor.sys
[2007/07/12 11:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\system32\ReinstallBackups\0001\DriverFiles\iaStor.sys
[2007/07/12 11:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\Programme\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2006/02/28 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\Windows\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2006/02/28 08:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\Windows\system32\scecli.dll
 
< %systemroot%\*. /mp /s >
 
< CREATERESTOREPOINT >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2006/06/26 13:40:34 | 000,148,480 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dnsapi.dll
[2009/07/19 12:41:10 | 011,067,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2009/07/03 12:55:14 | 001,985,536 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iertutil.dll
[2006/02/28 08:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\mstask.dll
[2006/02/28 08:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ntdsapi.dll
[2007/10/25 12:42:48 | 008,501,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\shell32.dll
< End of report >


Swisstreasure 02.09.2010 14:55

And what if you use this script:

Quote:

:OTL
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
:Files
C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp
:Commands
[purity]
[emptytemp]
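
Added example (not part of the original thread, and not OTL's own code): the fix script above targets the one `Run` entry in the log that points into a Temp directory. The Python below parses O4 `Run` lines in the format shown in that log and ranks them by that kind of indicator; the flag names, the extension allow-list and the ranking are assumptions made for this example.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample: O4 lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [asmcoxenwr.tmp] C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKU\Dominik_ON_C..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKU\Dominik_ON_C..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe File not found
"""

# "O4 - <hive>..\Run: [<value name>] <path> (<company>)" or "... <path> File not found"
O4_RUN = re.compile(r"^O4 - (?P<hive>.+?)\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<rest>.+)$")
WITH_COMPANY = re.compile(r"^(?P<path>.*) \((?P<company>[^()]*)\)$")
MISSING = " File not found"

# Assumptions for this example, not an OTL rule set.
EXPECTED_EXT = {".exe", ".dll", ".cpl", ".com", ".bat", ".cmd"}
TEMP_DIRS = {"temp", "tmp"}


class RunEntry(NamedTuple):
    hive: str
    name: str
    path: str
    company: Optional[str]  # None when the log gives no company field
    missing: bool           # True when the log says "File not found"


def parse_o4_run(line: str) -> Optional[RunEntry]:
    """Parse one O4 Run line; return None for any other log line."""
    m = O4_RUN.match(line.strip())
    if m is None:
        return None
    rest = m["rest"]
    if rest.endswith(MISSING):
        path = rest[: -len(MISSING)].rstrip()
        return RunEntry(m["hive"], m["name"], path, None, True)
    c = WITH_COMPANY.match(rest)
    if c:
        return RunEntry(m["hive"], m["name"], c["path"], c["company"], False)
    return RunEntry(m["hive"], m["name"], rest, None, False)


def flag_entry(entry: RunEntry) -> List[str]:
    """Return the triage flags that apply to one autostart entry."""
    flags = []
    dirs = ntpath.dirname(entry.path).lower().split("\\")
    if TEMP_DIRS.intersection(dirs):
        flags.append("runs-from-temp")
    if ntpath.splitext(entry.path)[1].lower() not in EXPECTED_EXT:
        flags.append("unusual-extension")
    if entry.missing:
        flags.append("file-missing")
    if entry.company == "":
        flags.append("no-company")
    return flags


def triage(log: str) -> List[Tuple[RunEntry, List[str]]]:
    """Parse every O4 Run line and sort entries, most flags first."""
    entries = [e for e in map(parse_o4_run, log.splitlines()) if e is not None]
    scored = [(e, flag_entry(e)) for e in entries]
    return sorted(scored, key=lambda item: -len(item[1]))


if __name__ == "__main__":
    for entry, flags in triage(SAMPLE_LOG):
        if flags:
            print(f"{entry.hive}\\..\\Run [{entry.name}] {entry.path}: {', '.join(flags)}")
```

A flag only marks an entry for manual review: stale leftovers of uninstalled software also show up as `file-missing`, as the SynTPEnh and VeohPlugin lines do here.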

Dendemann 02.09.2010 19:57

It worked.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\asmcoxenwr.tmp deleted successfully.
========== FILES ==========
File\Folder C:\DOKUME~1\Dominik\LOKALE~1\Temp\asmcoxenwr.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dominik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Sono Bello
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes

Total Files Cleaned = 0.00 mb


OTLPE by OldTimer - Version 3.1.40.0 log created on 09032010_075312

Swisstreasure 02.09.2010 21:32

Is Safe Mode still not working?

Dendemann 02.09.2010 22:04

No, unfortunately it still doesn't work.

Swisstreasure 02.09.2010 22:14

We don't give up here :)
We'll continue tomorrow. I have to go to bed.

Dendemann 03.09.2010 17:36

Should I scan again???

Swisstreasure 03.09.2010 17:57

Tell me exactly how far you get in normal mode and what exactly happens then?

Would you have a Windows CD at hand?

Dendemann 03.09.2010 18:07

When I start it completely normally, I get no picture, and after 30 seconds the fan switches off and then it starts booting again.

When I press F8, the screen for selecting the different modes appears, and then I have to select "Safe Mode" and the Windows operating system. Then it loads briefly and you can make out "Instructions" or something like that in white text. Then the screen briefly turns blue, and then the screen turns blue and everything switches off.

Swisstreasure 03.09.2010 18:18

Quote:

When I start it completely normally, I get no picture, and after 30 seconds the fan switches off and then it starts booting again.
So it stays black right from the start?
No beeps?

Do you have a Windows CD (Microsoft Windows XP Service Pack 2) at hand?

Dendemann 03.09.2010 18:27

Yes, well, I have an external monitor on my laptop, but there are indeed a few beeps.

I still have to check.

Swisstreasure 03.09.2010 18:30

A few?? It would be important to know exactly how many. Long or short?
And if you work without the external monitor? Exactly the same?

Dendemann 03.09.2010 18:38

They are short, high-pitched ones (fairly quiet). I can only work with an external monitor because the "normal" one is defective.

I have the Microsoft Office Professional Edition 2003 Service Pack 2 CD.

Swisstreasure 03.09.2010 19:56

Quote:

They are short, high-pitched ones (fairly quiet)
How many?

Microsoft Office is not what we need :)
We need the Windows system CD. Didn't you get one with the laptop?

Dendemann 05.09.2010 21:21

I'm going to format.

I read in the forum that someone was supposed to change their passwords (eBay, ...).
Is there also a risk in my case that they were spied out???

Swisstreasure 05.09.2010 22:14

That would also have been the next step once the system is running again. So I assume that some system files were corrupted and booting then no longer worked.
If you format, I would also recommend that you change these passwords right away.


All times are WET +1. The time now is 13:25.
