Trojaner-Board - Ist Trojaner Trojan.Agent jemals aktiv geworden?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Ist Trojaner Trojan.Agent jemals aktiv geworden? (https://www.trojaner-board.de/91205-trojaner-trojan-agent-jemals-aktiv-geworden.html)

Ist Trojaner Trojan.Agent jemals aktiv geworden?

Hallo,

erstmals im Board habe ich nun eine Frage:

Wie kann ich feststellen, ob der Trojaner Trojan.Agent jemals aktiv geworden ist, oder die verdächtige Datei nur dumm rum gelegen hat?
Die von Malwarebytes gefundene Datei befindet sich nämlich auch schon auf einem Backup, welches ich vor ca. 1 Jahr mal angefertigt habe, und habe bisher keine Ausspähungen bemerken können.

Hab schon einiges rumgegoogelt, konnte mir aber noch keine wirkliche Meinung bilden, ob nun mit dem Löschen der Datei schon alles getan ist.
Mir ist auch nicht so ganz klar, welche Art von Tätigkeit denn von dem Trojan.Agent so zu erwarten ist. Wenn ich richtig verstanden habe, soll das ja eine Java-Malware sein, die ohne laufendes Java ja dann harmlos sein müßte.
Die gleiche Frage auch wegen des Worm.Autorun.B.
Der war übrigens weg, nachdem ich Avast installiert hatte, und im Sicherheitscenter die AntiVirus-Überwachung wieder eingestellt hatte.
Da hatte meine bis dato installierte und upgedatete Version von NortonAV prof. 2004 wohl reingefunkt.

Drauf gekommen bin ich, weil ein bestimmter Browser-Plugin-Test Zicken macht.
Im Firefox-Forum gab es widersprüchliche Meinungen, ob das beobachtete Phänomen (2 plugin-container.exe Instanzen) auf aktive Malware hindeutet.

Malwarebytes log:

Code:

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org
 

    Datenbank Version: 4629
 

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 6.0.2900.5512
 

    16.09.2010 18:58:14

    mbam-log-2010-09-16 (18-58-14).txt
 

    Art des Suchlaufs: Quick-Scan

    Durchsuchte Objekte: 159142

    Laufzeit: 18 Minute(n), 17 Sekunde(n)
 

    Infizierte Speicherprozesse: 0

    Infizierte Speichermodule: 0

    Infizierte Registrierungsschlüssel: 0

    Infizierte Registrierungswerte: 0

    Infizierte Dateiobjekte der Registrierung: 0

    Infizierte Verzeichnisse: 0

    Infizierte Dateien: 3
 

    Infizierte Speicherprozesse:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Speichermodule:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Registrierungsschlüssel:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Registrierungswerte:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Dateiobjekte der Registrierung:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Verzeichnisse:

    (Keine bösartigen Objekte gefunden)
 

    Infizierte Dateien:

    C:\RECYCLER\S-1-5-21-999901472-3601035388-3065584919-1005\Dc12892\HELP.exe (Worm.Autorun.B) -> No action taken.

    C:\Dokumente und Einstellungen\***\Cookies\MM2048.DAT (Trojan.Agent) -> No action taken.

    C:\Dokumente und Einstellungen\***\Cookies\MM256.DAT (Trojan.Agent) -> No action taken.

Hallo und :hallo:

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Code:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org
 

Datenbank Version: 4666
 

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512
 

22.09.2010 01:46:39

mbam-log-2010-09-22 (01-46-39).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|G:\|H:\|)

Durchsuchte Objekte: 724995

Laufzeit: 1 Stunde(n), 42 Minute(n), 44 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

OTL-Log (unter eingeschränktem Benutzer ausgeführt, hoffentlich OK so)

Code:

OTL logfile created on: 28.09.2010 16:39:54 - Run 1

OTL by OldTimer - Version 3.2.14.1     Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 59,53 Gb Total Space | 5,43 Gb Free Space | 9,12% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 46,18 Gb Total Space | 0,08 Gb Free Space | 0,18% Space Free | Partition Type: FAT32

Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32

Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32

Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

 

Computer Name: MOBI

Current User Name: ***

NOT logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)

PRC - C:\Programme\Mozilla\Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe ()

PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.)

PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )

PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )

PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)

PRC - C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe ()

PRC - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe (AVM Berlin)

PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)

PRC - C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)

PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)

PRC - C:\Programme\Logitech\QuickCam10\QuickCam10.exe ()

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe (Logitech Inc.)

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\LVComSX.exe (Logitech Inc.)

PRC - C:\WINDOWS\tsnp2std.exe (SONIX)

PRC - C:\WINDOWS\vsnp2std.exe (Sonix)

PRC - C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe (Lenovo Group Limited)

PRC - C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)

PRC - C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions)

PRC - C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.)

PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

PRC - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

PRC - C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB)

PRC - C:\Programme\Analog Devices\SoundMAX\SMax4.exe (Analog Devices, Inc.)

PRC - C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

PRC - C:\Programme\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe (Symbian Ltd.)

PRC - c:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe (Intuwave Ltd.)

PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

PRC - C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.)

PRC - C:\WINDOWS\system32\TpScrLk.exe ()

PRC - C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC)

PRC - C:\WINDOWS\system32\TaskSwitch.exe ()

PRC - C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)

PRC - C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft)

 

 
 ========== Modules (SafeList) ==========

 

MOD - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools)

MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll ()

MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)

MOD - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)

MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

 
 ========== Driver Services (SafeList) ==========

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.openintab: true

FF - prefs.js..browser.search.selectedEngine: "Google Deutschland - auf Deutsch"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.taz.de/|hxxp://www.oya-online.de/"

FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19

FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1

FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:9.10.13.6

FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.0

FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:4.0.0

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1

FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9

FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.85

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.1

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {28FAD68E-4001-48d5-B994-68069F7CFB1D}:0.4.7

FF - prefs.js..extensions.enabledItems: pagecompare_abk0680@yahoo.com:1.5

FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1

FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1

FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7

FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3

FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4

FF - prefs.js..extensions.enabledItems: tsvnmenu@pumacode.org:0.2.5

FF - prefs.js..extensions.enabledItems: {139a120b-c2ea-41d2-bf70-542d9f063dfd}:2.03.3

FF - prefs.js..extensions.enabledItems: {eecba28f-b68b-4b3a-b501-6ce12e6b8696}:0.7.2

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5

FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.94.20100904

FF - prefs.js..extensions.enabledItems: metatags@porton.ex-code.com:2.3.5.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13

FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100720

FF - prefs.js..extensions.enabledItems: fr-moderne@dictionaries.addons.mozilla.org:3.8

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.07 00:35:46 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla\Firefox\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla\Firefox\plugins [2010.09.17 12:24:17 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

 

[2010.01.19 19:43:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions

[2010.01.19 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.09.27 19:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions

[2010.03.28 01:15:31 | 000,000,000 | ---D | M] (Screengrab) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

[2010.09.16 14:28:25 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2010.08.18 22:54:02 | 000,000,000 | ---D | M] (FireShot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}

[2009.11.04 11:06:03 | 000,000,000 | ---D | M] (URL Link) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}

[2007.03.31 01:03:40 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)

[2008.03.13 21:48:21 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2)

[2010.04.30 19:39:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.01.29 15:55:11 | 000,000,000 | ---D | M] (MouseZoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}

[2009.11.12 19:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}

[2010.09.08 12:27:24 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}

[2010.03.28 01:15:33 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}

[2008.10.10 23:42:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)

[2010.08.12 23:42:20 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}

[2008.03.02 22:09:45 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}(2)

[2010.06.07 15:22:21 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2010.09.01 13:54:51 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2008.03.13 21:48:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)

[2010.03.12 18:02:26 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}

[2010.09.01 13:54:50 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

[2010.06.23 19:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2008.10.10 23:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2)

[2010.06.07 15:22:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2010.01.23 20:58:38 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}

[2010.04.09 17:27:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010.08.18 22:54:05 | 000,000,000 | ---D | M] (ViewSourceWith) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}

[2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de_DE@dicts.j3e.de

[2010.02.19 13:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2007.10.23 10:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-GB@dictionaries.addons.mozilla.org

[2008.03.13 21:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-US@dictionaries.addons.mozilla(2).org

[2009.12.11 23:12:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\es-es@dictionaries.addons.mozilla.org

[2010.01.14 21:47:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fb_add_on@avm.de

[2010.05.07 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\firebug@software.joehewitt.com

[2010.02.10 22:21:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-FR@dictionaries.addons.mozilla.org

[2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-moderne@dictionaries.addons.mozilla.org

[2010.09.16 14:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\ietab@ip.cn

[2007.10.23 10:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2010.09.06 22:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\metatags@porton.ex-code.com

[2010.01.29 15:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pagecompare_abk0680@yahoo.com

[2010.09.24 19:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pt-PT@dictionaries.addons.mozilla.org

[2009.04.11 23:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\savecomplete@perlprogrammer.com

[2006.12.11 16:37:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\temp

[2010.02.10 22:21:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\tsvnmenu@pumacode.org

[2010.09.24 19:25:08 | 000,001,089 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavista.xml

[2010.03.05 17:18:24 | 000,002,058 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavistams.xml

[2006.11.17 20:43:24 | 000,002,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\flickr-tags.xml

[2009.07.02 10:25:13 | 000,001,157 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\freedict.xml

[2008.05.27 10:18:53 | 000,002,161 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\google-deutschland.xml

[2006.11.17 20:45:13 | 000,001,679 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\imdb.xml

[2010.09.24 19:25:08 | 000,002,008 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-en.xml

[2010.09.24 19:25:08 | 000,002,016 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-es.xml

[2010.09.24 19:25:08 | 000,002,020 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-fr.xml

[2008.06.03 11:49:07 | 000,001,082 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\lonely-planet-online.xml

[2010.09.24 19:25:08 | 000,001,481 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\map24de.xml

[2008.06.03 11:49:06 | 000,001,317 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\wikipedia-en.xml

[2010.08.15 16:04:13 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\youtube.xml

 

O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\DLASHX_W.DLL (Sonic Solutions)

O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )

O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()

O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions)

O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)

O4 - HKLM..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC)

O4 - HKLM..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.)

O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [KernelFaultCheck]  File not found

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam10\QuickCam10.exe ()

O4 - HKLM..\Run: [Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe ()

O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe (Microsoft® Corporation)

O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)

O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)

O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)

O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe ()

O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe ()

O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (IBM Corp.)

O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)

O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)

O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX)

O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin)

O4 - HKCU..\Run: [IBM RecordNow!] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKCU..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON SMART PANEL.lnk = C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen in Microsoft Works-Kalender.lnk = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Fax-Controller.lnk = C:\Programme\EPSON\SMART PANEL\faxicore.exe (NewSoft Technology Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Telefonverbindungsmonitor.lnk = C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HotSync Manager.lnk = C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\\sarah.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)

O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX)

O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.1.205/XPanel.cab (XPanel Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} hxxp://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164927521531 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.1.205/XInit.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll ()

O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll ()

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.27 10:02:05 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\autoexec.rod -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.ICR -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\autoexec.rod -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.ICR -- [ FAT32 ]

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell - "" = AutoRun

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell - "" = AutoRun

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{91a2d537-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell - "" = AutoRun

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O34 - HKLM BootExecute: (pgdfgsvc c 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com)

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.09.16 18:36:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes

[2010.09.16 18:36:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.09.16 18:36:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.09.16 18:36:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.09.16 18:36:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2010.09.09 01:36:21 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010.09.09 01:36:21 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010.09.09 01:36:20 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010.09.09 01:36:19 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010.09.09 01:36:18 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010.09.09 01:36:18 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010.09.09 01:36:17 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010.09.09 01:36:05 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010.09.09 01:36:05 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software

[2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software

[2010.09.08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx

[2010.09.08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts

[2010.09.07 00:34:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared

[2010.09.07 00:01:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010.08.30 20:28:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc

[2007.12.13 22:41:16 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll

[2007.12.13 22:41:14 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[2006.11.14 01:13:40 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Programme\Gemeinsame Dateien\tppupd2k.dll

[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.09.28 15:52:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.09.28 15:50:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.09.28 15:50:41 | 2145,832,960 | -HS- | M] () -- C:\hiberfil.sys

[2010.09.28 14:21:51 | 015,990,784 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat

[2010.09.28 14:21:46 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini

[2010.09.28 14:21:31 | 006,291,456 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db

[2010.09.28 14:20:05 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1005.job

[2010.09.28 14:19:54 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010.09.28 13:59:04 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1005.job

[2010.09.28 13:47:00 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010.09.27 18:44:41 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job

[2010.09.27 18:44:09 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.09.20 19:45:17 | 000,001,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech QuickCam.lnk

[2010.09.16 20:09:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010.09.15 23:05:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010.09.09 01:36:22 | 000,001,672 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

[2010.09.09 01:36:18 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010.09.08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx

[2010.09.08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts

[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010.09.07 00:35:47 | 000,000,821 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk

[2010.09.07 00:35:17 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll

[2010.09.07 00:34:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll

[2010.09.07 00:34:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll

[2010.09.07 00:33:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll

[2010.09.07 00:10:45 | 000,001,717 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk

[2010.09.02 00:07:28 | 000,168,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT

[2010.09.02 00:04:08 | 000,505,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.09.01 22:37:21 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.09.09 01:36:22 | 000,001,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

[2010.09.07 00:35:47 | 000,000,821 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk

[2010.09.01 22:37:21 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2010.04.13 21:40:03 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll

[2010.04.13 21:40:03 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys

[2010.04.13 21:40:03 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys

[2010.04.12 01:17:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd

[2009.10.21 03:54:22 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2009.10.17 01:55:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI

[2009.10.06 09:11:50 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll

[2009.04.11 21:25:54 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2008.12.19 18:51:56 | 000,000,734 | ---- | C] () -- C:\WINDOWS\wiso.ini

[2008.11.19 17:39:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\cmvpt32.ini

[2008.11.19 17:38:46 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

[2008.11.19 17:38:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll

[2008.11.19 10:53:59 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\GCL52FW.DLL

[2008.11.19 10:48:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\Cmpnl32.dll

[2008.11.19 10:48:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\GCL52FWZ.DLL

[2008.11.19 10:48:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\CMUpdate.dll

[2008.03.20 23:39:08 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini

[2008.03.03 00:55:21 | 000,661,504 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008.03.03 00:55:21 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll

[2008.03.03 00:55:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll

[2008.03.03 00:55:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll

[2008.03.03 00:55:21 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\ffavisynth.dll

[2008.03.03 00:55:20 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll

[2008.03.03 00:55:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll

[2008.03.03 00:55:20 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll

[2008.03.03 00:55:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll

[2008.03.03 00:55:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll

[2008.03.03 00:55:20 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll

[2008.03.03 00:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll

[2008.03.03 00:55:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll

[2008.02.14 14:55:42 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat

[2008.01.14 20:50:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ZSubTimer.dll

[2008.01.10 13:40:29 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\evntmsg.dll

[2008.01.04 16:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL

[2007.12.24 13:47:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2007.12.24 13:40:26 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432U.dll

[2007.12.22 22:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll

[2007.12.22 21:27:22 | 003,138,048 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll

[2007.12.13 22:41:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini

[2007.12.13 22:41:20 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys

[2007.12.13 22:41:19 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys

[2007.12.13 19:18:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini

[2007.12.13 19:17:25 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2007.12.07 16:15:39 | 000,001,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini

[2007.12.03 16:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll

[2007.12.01 13:43:30 | 000,541,696 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll

[2007.11.29 12:52:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2007.11.26 16:56:04 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2007.11.26 16:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll

[2007.09.04 23:56:09 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2007.09.04 23:44:27 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll

[2007.02.27 18:12:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\USBaccess.dll

[2007.02.06 18:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2007.02.06 18:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys

[2007.01.29 00:03:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IROTVIEW.INI

[2007.01.28 21:23:40 | 000,000,275 | ---- | C] () -- C:\WINDOWS\ddespy.ini

[2007.01.10 14:00:41 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini

[2007.01.10 14:00:41 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini

[2007.01.10 12:52:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI

[2006.12.30 20:09:45 | 000,000,240 | ---- | C] () -- C:\WINDOWS\BUHL.INI

[2006.12.24 23:39:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\iltwain.ini

[2006.12.24 22:11:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2006.12.21 02:21:58 | 000,144,656 | ---- | C] () -- C:\WINDOWS\System32\FAMCOM.dll

[2006.12.20 22:10:03 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

[2006.12.19 18:39:09 | 000,110,642 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll

[2006.12.19 18:39:09 | 000,043,252 | ---- | C] () -- C:\WINDOWS\System32\pdfmon.dll

[2006.12.09 02:04:03 | 000,000,687 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006.11.30 22:27:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FoneSync.INI

[2006.11.30 18:30:30 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini

[2006.11.30 17:45:46 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini

[2006.11.30 17:38:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\ccard100.ini

[2006.11.30 17:37:13 | 000,007,901 | ---- | C] () -- C:\WINDOWS\MSACC20.INI

[2006.11.30 17:30:38 | 000,001,245 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006.11.30 17:30:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\odbcisam.ini

[2006.11.30 17:30:37 | 000,000,914 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI

[2006.11.30 17:30:29 | 000,000,124 | ---- | C] () -- C:\WINDOWS\GRAPH5.INI

[2006.11.30 17:30:21 | 000,002,640 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI

[2006.11.30 17:30:18 | 000,000,329 | ---- | C] () -- C:\WINDOWS\EXCEL5.INI

[2006.11.30 17:30:17 | 000,000,239 | ---- | C] () -- C:\WINDOWS\Winhelp.ini

[2006.11.30 17:30:17 | 000,000,110 | ---- | C] () -- C:\WINDOWS\msquery.ini

[2006.11.30 17:30:08 | 000,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI

[2006.11.30 17:30:06 | 000,002,122 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI

[2006.11.30 17:30:06 | 000,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI

[2006.11.30 15:01:49 | 000,000,266 | ---- | C] () -- C:\WINDOWS\VISITE.INI

[2006.11.30 15:00:13 | 000,005,230 | ---- | C] () -- C:\WINDOWS\TOPDRAW.INI

[2006.11.30 14:26:24 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll

[2006.11.29 18:34:56 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI

[2006.11.16 23:01:57 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006.11.14 02:05:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2006.11.13 00:24:27 | 000,015,576 | R--- | C] () -- C:\WINDOWS\System32\drivers\usbbc.sys

[2006.11.13 00:24:27 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll

[2006.11.10 23:55:40 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll

[2006.10.11 12:18:40 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006.10.10 09:46:17 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS

[2006.10.10 04:14:04 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini

[2006.09.27 10:01:53 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006.09.26 01:14:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006.09.26 01:13:47 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[2006.09.26 01:10:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll

[2006.09.26 01:09:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll

[2006.09.26 01:09:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll

[2006.09.26 01:09:10 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys

[2006.09.26 01:02:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2006.09.26 01:02:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2006.09.26 01:02:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2006.09.26 01:02:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2006.09.26 01:02:00 | 000,000,642 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2006.09.26 00:53:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll

[2006.09.26 00:53:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS

[2006.09.26 00:50:44 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS

[2006.09.26 00:39:34 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2006.09.26 00:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll

[2006.06.09 11:43:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005.09.01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys

[2005.07.06 00:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll

[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2004.12.16 03:41:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pwdmon.dll

[2004.12.16 03:41:58 | 000,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini

[2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll

[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

[2004.08.10 13:48:32 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004.01.09 06:10:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll

[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[1999.04.29 22:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1998.04.24 01:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI

[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

< End of report >

--- --- ---
Danke für die schnelle Anwort

Zitat:

Datenbank Version: 4666

Du hast Malwarebytes vorher nicht aktualisiert. Wir müssten jetzt bei DB-Version 4710 oder höher sein. Bitte updaten und einen Vollscan machen.

Doch, hatte ich. Am 22.09.2010, wo der Scan lief, war das die aktuelle.

Da die betreffenden Dateien sich schon seit ca. 1 Jahr oder mehr auf dem Rechner vorhanden sind (kann ich durch ein früheres Backup erkennen), dachte ich, es käme auf 5 Tage dann auch nicht mehr an.
Deswegen bin ich ja auch recht zuversichtlich, daß der Trojaner nie aktiv geworden ist, denn alle meine Online-Konten sind nach wie vor in Ordnung, und auch sonst hatte ich nie was Verdächtiges bemerkt, und Norton AV auch nicht (der hätte doch meckern müssen, wenn irgend ein Programm da drauf zugegriffen hätte?).

Zitat:

Doch, hatte ich. Am 22.09.2010, wo der Scan lief, war das die aktuelle.

Ja am 22.09. ich wollte noch einen aktuellen Vollscan sehen ;)

Zitat:

Zitat von cosinus (Beitrag 573003)

Ja am 22.09. ich wollte noch einen aktuellen Vollscan sehen ;)

OK, laß ich heute Nacht laufen.

Der Vollscan hat nochwas entdeckt. (Bei genauerem Hinsehen: Der Scan vom 22.9. dauerte nur 1:45 Std., das war der, den ich vorzeitig abgebrochen hatte.)

Der heutige brachte noch einen Adware.ADON zum Vorschein. Den hatte ich übrigens auch schon auf meiner ca. 1 Jahr unbenutzten Backup-Platte gefunden.
Malwarebytes fror ein, als ich auf Löschen geklickt hatten. Ich mußte das Programm dann nach 10 Min. abschießen. Log war dann leider auch weg. Glücklicherweise hatte Malwarebytes den Schädling aber wenigstens in Quarantäne geschickt. Nach "Wiederherstellen" konnte ich dann über den Ordner noch einen Quicktest machen, sodaß folgendes Protokoll entstand. Erneutes Löschen ging wieder schief.
Mögliche Gründe:
- Ich hatte gleichzeitig den betreffenden Ordner im Windows-Ordner offen.
- parallel zum Admin-Benutzer, von welchem der Scan gestartet war, hatte ich per Benutzerwechsel noch einen 2. eingeschränkten Benutzer aktiv.

Code:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org
 

Datenbank Version: 4715
 

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512
 

29.09.2010 14:37:43

mbam-log-2010-09-29 (14-37-43).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 1

Laufzeit: 13 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 1
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

C:\Dokumente und Einstellungen\***\Anwendungsdaten\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.

Auch im Vollscan wurde nur dieser Eintrag (...eBayShortcuts.exe (Adware.ADON)) entdeckt?

Zitat:

Zitat von cosinus (Beitrag 573561)

Auch im Vollscan wurde nur dieser Eintrag (...eBayShortcuts.exe (Adware.ADON)) entdeckt?

Ja!

Allerdings dauerte dieser Vollscan während laufendem Betrieb auf 2. eingeschränkten Benutzer merkwürdigerweise nur ca. 5 Stunden auf meiner aktuellen 160 GB 2,5" Platte.
Auf meiner alten 80 GB 2,5" Platte (Inhalt wurde vor ca. 1 Jahr auf die neue geklont) dauerte er über Nacht über 8 Stunden.
Möglicherweise ist die alte Platte aber einfach nur langsamer.

Poste bitte nochmal ein frisches OTL.txt, im letzten fehlen einige Passagen...

Zitat:

Zitat von cosinus (Beitrag 573646)

Poste bitte nochmal ein frisches OTL.txt, im letzten fehlen einige Passagen...

Meintest Du die Extras.txt (ich mache heute auch noch mal einen neuen)? :

Code:

OTL Extras logfile created on: 28.09.2010 16:39:54 - Run 1

OTL by OldTimer - Version 3.2.14.1     Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 59,53 Gb Total Space | 5,43 Gb Free Space | 9,12% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 46,18 Gb Total Space | 0,08 Gb Free Space | 0,18% Space Free | Partition Type: FAT32

Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32

Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32

Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

 

Computer Name: XXX

Current User Name: ***

NOT logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

http [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Durchsuchen mit &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"6198:TCP" = 6198:TCP:*:Enabled:freenetSPEED

"3126:TCP" = 3126:TCP:*:Enabled:freenetSPEED

"3128:TCP" = 3128:TCP:*:Enabled:freenetSPEED

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found

"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application -- File not found

"C:\Programme\freenet\PxClient.exe" = C:\Programme\freenet\PxClient.exe:*:Enabled:freenetSPEED -- File not found

"C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)

"C:\Programme\Mozilla Thunderbird\thunderbird.exe" = C:\Programme\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)

"C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe" = C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Enabled:mRouterRuntime -- (Intuwave Ltd.)

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- (Microsoft Corporation)

"C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe" = C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe:*:Enabled:mysqld-nt -- ()

"C:\Programme\Java\jdk1.6.0_01\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Java\jdk1.6.0\bin\java.exe" = C:\Programme\Java\jdk1.6.0\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)

"C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe" = C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)

"C:\Programme\Java\jdk1.6.0_03\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Programme\Java\jre1.6.0_03\bin\java.exe" = C:\Programme\Java\jre1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found

"C:\Programme\Java\WTK22\bin\emulator.exe" = C:\Programme\Java\WTK22\bin\emulator.exe:*:Enabled:emulator -- ()

"C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found

"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)

"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)

"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found

"C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform -- File not found

"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- File not found

"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe" = C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0 -- (Sony Creative Software Inc.)

"C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\Java\jre1.6.0_04\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_04\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Program Files\IBM\Java142\jre\bin\javaw.exe" = C:\Program Files\IBM\Java142\jre\bin\javaw.exe:*:Enabled:Java launcher -- (IBM)

"C:\Programme\Mozilla\Firefox\firefox.exe" = C:\Programme\Mozilla\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)

"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)

"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)

"C:\WINDOWS\LMI35.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI35.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI60.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI60.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

"C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" = C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe:*:Enabled:FRITZ!Box Monitor -- (AVM Berlin)

"C:\Programme\FRITZ!vox\Fritz!vox.exe" = C:\Programme\FRITZ!vox\Fritz!vox.exe:*:Enabled:Fritz!vox -- (AVM Berlin)

"C:\CYGWIN\bin\rsync.exe" = C:\CYGWIN\bin\rsync.exe:*:Enabled:rsync -- ()

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium

"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1

"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0

"{01008202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Enzyklopädie 2002

"{01DA3FC4-CF94-4AAD-9127-C8F2E09F6E69}" = PowerArchiver 2010

"{024D73F0-1C49-2340-8AC3-5234AAA560C0}" = ccc-core-static

"{03B1BBDC-7FAA-4A03-9988-A85428BAD382}" = Sun ODF Plugin for Microsoft Office 3.0

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{05E9F134-07C9-4249-9B80-EE5D975F201B}" = Sony Ericsson Image Editor

"{0873B1A3-00A9-40D6-BACE-3DB4BC5DA840}" = ThinkPad SATA Power Management Driver

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung

"{0D05C1D4-BB4C-4545-86DC-F5EA7D04121A}" = Vtpro-e Themes v1.3

"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool

"{1007F41F-7D69-468E-8017-3849A5A973C2}" = IBM ThinkVantage Technologies Welcome Message

"{11783F13-C3A9-44A8-929B-21A476F65272}" = IBM Rescue and Recovery with Rapid Restore

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'

"{13EDFFFE-DCF2-448A-A653-3C4CD60D99B4}" = Palm Desktop and Synchronization Software

"{1649C93D-C661-4C53-B8AE-DB3592150B34}" = Buhl finance - tax 2006 Professional

"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility

"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'IBM ThinkPad-Tastaturanpassung'

"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL

"{24F9E04D-4CD5-3979-76F9-C1C6E78471AB}" = CCC Help Italian

"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word

"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21

"{2D230139-69DA-4CE8-83FB-EE5F522D2FF5}" = Praesideo Logging Server V2.32.1757

"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator

"{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}" = MySQL Server 5.0

"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.108.00

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1

"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10

"{32A3A4F4-B792-11D6-A78A-00B0D0150100}" = J2SE Development Kit 5.0 Update 10

"{32A3A4F4-B792-11D6-A78A-00B0D0160030}" = Java(TM) SE Development Kit 6 Update 3

"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18

"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20

"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7

"{3305E24F-1192-0424-8A25-39713FD92728}" = Skins

"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B94A56F-9FDA-46CC-A3B6-07613A84200B}" = Buhl finance - tax 2007 Professional

"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test

"{3DA7A736-0B03-565C-1139-83FE890F0AF3}" = CCC Help French

"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION

"{3F71721C-E73D-481C-B926-C56B68D8F388}" = Praesideo Open Interface Library V2.32.1757

"{437C19B3-7E20-4E39-B868-CA6BAA820E1C}" = Microsoft Rechner-Plus

"{43A1FE83-D39F-3779-8D48-D6D19EE7AC48}" = CCC Help Chinese Traditional

"{443CBE24-0679-4027-9C36-66F129E009C5}" = Crestron Database

"{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}" = Ulead FilmBrennerei 4.0

"{44B32F92-5A96-43D9-BCBE-0AD2CDC409E7}" = TortoiseHg 1.1.3 (x86)

"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz

"{47CF8B92-4083-4F43-9680-6EDE10F812BD}" = Praesideo Logging Viewer V2.32.1757

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.99.01

"{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding

"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0

"{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins

"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95

"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image

"{61A17AE1-B4C3-4FC0-8563-684C23CBFA0F}" = SW-Entwicklung\Sun Java (TM) Wireless Toolkit 2.5.2 for CLDC

"{63F817ED-F710-481B-B332-7A356CE04E10}" = TortoiseOverlays

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}" = Crestron Device Database

"{66CA5E58-0D03-A75D-16EF-68258DE0DFC3}" = CCC Help English

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6BC292E6-5C85-4620-C1D0-A2FEAFD5D135}" = CCC Help Japanese

"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP

"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes

"{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows v4.00

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser

"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)

"{7579A17B-0E6C-9EF3-D022-30729A24B399}" = CCC Help Chinese Standard

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7BAA2000-5B8D-66DD-DBE7-089671AC118B}" = ccc-utility

"{7C2BD022-2B09-1F6D-D6C1-AD2A591E7537}" = Catalyst Control Center Core Implementation

"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections

"{806DB796-7082-C63F-284E-62245284A417}" = CCC Help Dutch

"{808FAA20-4C3A-11D4-8A57-00201853C903}" = PC-Linq

"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad-UltraNav-Assistent

"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software

"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update

"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D0E26CF-AA2F-48FF-A533-6207DE50B1C4}_is1" = Agendus for Windows Palm Desktop Edition

"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2

"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{91AF774D-8506-4194-9B77-9D803CBF5AC1}" = SIMPL Windows v2.10

"{925936AC-9C9A-4897-874B-60961AAB6D52}" = Disc2Phone

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{984E0622-29E5-44EA-A075-A0CE91B2CF13}" = TortoiseOverlays

"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager

"{A1A903C9-35DE-4770-9264-5F831E0A3A2E}" = SIMPL Windows Library v565

"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" = 

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A3E23D97-145F-29BF-81DE-DAEC1E5AB237}" = Catalyst Control Center Graphics Full New

"{A8FA2AC0-3875-B59F-917F-719982FB1BE8}" = CCC Help Portuguese

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v3.8

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien

"{AE1A0B0E-2EC7-656A-711A-0E7E8D4AB5CF}" = CCC Help Spanish

"{B016DE7B-CA2D-5EFD-9591-A109E67119BD}" = CCC Help Swedish

"{B214C3C8-FC16-42EC-B7BB-703A1BB9C790}" = Lenovo Battery Program

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B5FE8184-DB90-4642-826C-096C6369B3DA}" = J2ME Wireless Toolkit 2.2

"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU

"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU

"{C4A92EF9-D14C-937F-742E-D272938DC590}" = CCC Help Korean

"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Foto 2002

"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack

"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth

"{CD6EB005-957A-4191-93ED-6ECD5F7F931E}" = SKTimeStamp

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CFEDA22F-435D-4891-913A-75B80D8159B8}" = Crestron Toolbox v1.12

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack

"{D2FEBD11-E587-4C41-AD33-0CD90D26A964}" = Client für die Windows-Rechteverwaltung mit Service Pack 2

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0

"{D5881E4A-0764-11D6-9D93-DECCF2B3F57C}" = Praesideo Core V2.32.1757

"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0

"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition

"{D702172D-8D17-D9EC-B661-42FA268575AF}" = Catalyst Control Center Localization All

"{DAA3F236-CEEC-C6CC-12C2-AB1B75C8BC09}" = CCC Help German

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DEC2C123-3CE0-4669-B119-61519130CACD}" = TortoiseSVN 1.6.10.19898 (32 bit)

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E09CEE8B-1DCD-C628-A8EA-2B56D61DDEFA}" = ccc-core-preinstall

"{E258A840-7E9A-443A-B156-67102C48BF17}" = TPP Storage Driver Installation

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2

"{EA664480-3844-11D5-8C25-444553540000}" = Funktion "TrackPoint-Eingabehilfen"

"{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}" = Access IBM

"{EC905264-BCFE-423B-9C42-C3A106266790}" = Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2

"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F18B31E4-E2E3-4F4F-A2C9-BA579D6AF400}" = TortoiseOverlays

"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung

"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi-Software

"{F3439243-1BAC-7250-D346-2642655F95ED}" = Catalyst Control Center Graphics Full Existing

"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall

"{F3FAE3D8-A91D-4D11-90C1-27581C2C23B9}" = Sony Ericsson MMS Home Studio

"{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}" = Access IBM Message Center

"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0

"{F63E8666-0F10-11D3-8258-00C04F6843FE}" = Microsoft Visual Keyboard

"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant

"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002

"{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler

"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad-Konfiguration

"{FC18114B-05A0-11D6-8140-000102E745A6}" = PC Suite for P800

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus

"{FD9D4CA5-8F97-44A0-B17E-C2C77C824FA4}" = funScreenScraping Client Version

"{FF2AFF73-099E-0BB5-AE87-B044D3D7DE78}" = Catalyst Control Center Graphics Light

"1&1 Upload-Manager" = 1&1 Upload-Manager

"274c5407c4fa26908310cb5c1c5500001224356439" = NetBeans IDE 5.5

"312f77fc8b5965949add215dd8550000-1163196496" = NetBeans Profiler 5.5

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software

"Any Video Converter_is1" = Any Video Converter 3.0.3

"ATI Display Driver" = ATI Display Driver

"Attribute Manager_is1" = Attribute Manager 2.35

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)

"Audacity_is1" = Audacity 1.2.6

"avast5" = avast! Free Antivirus

"AVIcodec" = AVIcodec (remove only)

"Avira UnErase Personal" = Avira UnErase Personal

"AVMFBox" = AVM FRITZ!Box Dokumentation

"AVMFBoxAnswerMachine" = AVM FRITZ!vox

"AVMFBoxMonitor" = AVM FRITZ!Box Monitor

"BitTorrent" = BitTorrent

"CCleaner" = CCleaner

"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)

"CDCheck" = CDCheck

"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem

"CollabNet Automatic Update" = CollabNet Automatic Update 1.2

"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.12

"Corel Applications" = Corel Applications

"CvsConflictEditor_is1" = CvsConflictEditor 1.2.0

"CVSNT_is1" = CVSNT

"D2D77DC2-8299-11D1-8949-444553540000_is1" = WinCvs 2.0

"Defraggler" = Defraggler

"DiffUtils-2.8.7_is1" = GnuWin32: DiffUtils version 2.8.7

"Digital Image Recovery_is1" = Digital Image Recovery 1.47

"DirectVobSub" = DirectVobSub (remove only)

"doPDF 7 printer_is1" = doPDF 7.1 printer

"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 5.5.1 Home Edition

"EPSON SMART PANEL" = EPSON SMART PANEL

"EPSON Stylus Scan" = EPSON Stylus Scan FB TWAIN

"EPSON-Drucker und Utilities" = EPSON-Drucker-Software

"Exact Audio Copy" = Exact Audio Copy 0.99pb5

"Exifer_is1" = Exifer

"fcd569e3a3b8ade0f9366fc6625500001796351737" = NetBeans Mobility Pack 5.5

"Feurio" = Feurio! CD-Writer

"ffdshow_is1" = ffdshow [rev 1868] [2008-02-22]

"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows

"FinePrint 2000" = FinePrint 2000

"FinePrint2000" = FinePrint 2000

"FolderSizes_is1" = FolderSizes 1.0

"frndial" = freenet.de

"FTDICOMM" = SEMC DSS-20 SyncStation Driver

"GMX Upload-Manager" = GMX Upload-Manager

"IE7 Standalone_is1" = Internet Explorer 7 Standalone

"InstallShield für Microsoft Visual C++ 6" = InstallShield für Microsoft Visual C++ 6

"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"InstallShield_{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins

"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2

"IrfanView" = IrfanView (remove only)

"ISO Commander" = ISO Commander 1.6 (remove only)

"IsoBuster_is1" = IsoBuster 2.7

"jclasslib bytecode viewer 3.0" = jclasslib bytecode viewer 3.0

"KompoZer_is1" = KompoZer 0.77

"LAME for Audacity_is1" = LAME v3.98.2 for Audacity

"Lavasoft VX2 Cleaner" = Lavasoft VX2 Cleaner

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaInfo" = MediaInfo 0.7.29

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Developer Network - Visual Studio 6.0a (deu)" = MSDN Library - Visual Studio 6.0a (Deutsch)

"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)

"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)

"Mp3tag" = Mp3tag v2.46a

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5

"MyDefrag v4.2.9_is1" = MyDefrag v4.2.9

"nbi-nb-base-6.0.0.0.200711201000" = NetBeans IDE 6.0 RC2

"nbi-nb-base-6.1.0.0.200804211638" = NetBeans IDE 6.1

"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5

"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1

"nbi-nb-base-6.9.0.0.0" = NetBeans IDE 6.9

"nbi-nb-base-6.9.1.0.201006282301" = NetBeans IDE 6.9.1 Build 201006282301

"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom

"Notepad++" = Notepad++

"NTFSRatio_is1" = NTFSRatio V1.3

"Nvu_is1" = Nvu 1.0

"OnScreenDisplay" = Anzeige am Bildschirm

"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows

"PFrank_is1" = Peter's Flexible RenAmiNg Kit (PFrank) 2.13

"Power Management Driver" = ThinkPad Power Management Driver

"Praesideo PC Callstation" = Praesideo PC Callstation

"Presentation Director" = ThinkPad-Präsentationsdirektor

"ProInst" = Intel PROSet Wireless

"QcDrv" = Logitech® Camera-Treiber

"RealPlayer 12.0" = RealPlayer

"RealVNC_is1" = VNC Free Edition 4.1.2

"Rename-It!" = Rename-It!

"ReNamer_is1" = ReNamer

"Secunia PSI" = Secunia PSI

"SequoiaView" = SequoiaView

"SpeedFan" = SpeedFan (remove only)

"SynTPDeinstKey" = ThinkPad UltraNav Driver

"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier

"ThinkPadSoftwareInstaller" = Installationsprogramm für ThinkPad-Software

"TPKBDLED" = Scroll Lock Indicator Utility

"TPP200" = USB Storage Adapter V2 (TPP)

"TPP300" = USB Storage Adapter V3 (TPP)

"TPP725" = USB Storage Adapter (TPP)

"TreeSize Free_is1" = TreeSize Free V2.2.1

"UltraDefrag" = Ultra Defragmenter

"Unlocker" = Unlocker 1.8.7

"VLC media player" = VLC media player 1.1.4

"VoipDiscount_is1" = VoipDiscount

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WebPost" = Microsoft Web Publishing Wizard 1.53

"WIC" = Windows Imaging Component

"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinHex" = WinHex

"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43

"WinMerge_is1" = WinMerge 2.12.4

"WinRAR archiver" = WinRAR

"winscp3_is1" = WinSCP 4.2.7

"WinZip" = WinZip

"WinZip Self-Extractor" = WinZip Self-Extractor

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Works2002Setup" = Microsoft Works 2002-Setup-Start

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"X10Hardware" = X10 Hardware(TM)

"xdocdiff" = xdocdiff

"XP Codec Pack" = XP Codec Pack

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"Z-DBackup" = Z-DBackup

"ZoomPlayer" = Zoom Player (remove only)

"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01D5859C-5207-4183-B88D-3DCD2022BC54}" = t@x 2008 Professional

"{40030378-9EB9-482A-AC10-195097CA624D}" = t@x 2009 Professional

"f6791b188d8f3ff8" = AVM FRITZ!Box USB-Fernanschluss

"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002

"jIRCii" = jIRCii

"muCommander" = muCommander

"StackTrace" = StackTrace

 
 ========== Last 10 Event Log Errors ==========

 

Error: Unable to start EventLog service!

 

< End of report >

OTL.txt:

Code:

OTL logfile created on: 01.10.2010 13:50:42 - Run 2

OTL by OldTimer - Version 3.2.14.1     Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free

Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 59,53 Gb Total Space | 5,38 Gb Free Space | 9,04% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 46,18 Gb Total Space | 2,20 Gb Free Space | 4,77% Space Free | Partition Type: FAT32

Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32

Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32

Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

 

Computer Name: XXX

Current User Name: ***

NOT logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Mozilla\Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe ()

PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)

PRC - C:\Programme\TortoiseSVN\bin\TortoiseProc.exe (hxxp://tortoisesvn.net)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.)

PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )

PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )

PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)

PRC - C:\Programme\WinMerge\WinMergeU.exe (hxxp://winmerge.org)

PRC - C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe ()

PRC - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe (AVM Berlin)

PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)

PRC - C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)

PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)

PRC - C:\Programme\Logitech\QuickCam10\QuickCam10.exe ()

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe (Logitech Inc.)

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)

PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\LVComSX.exe (Logitech Inc.)

PRC - C:\WINDOWS\tsnp2std.exe (SONIX)

PRC - C:\WINDOWS\vsnp2std.exe (Sonix)

PRC - C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe (Lenovo Group Limited)

PRC - C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)

PRC - C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions)

PRC - C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.)

PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

PRC - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

PRC - C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB)

PRC - C:\Programme\Analog Devices\SoundMAX\SMax4.exe (Analog Devices, Inc.)

PRC - C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

PRC - C:\Programme\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe (Symbian Ltd.)

PRC - c:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe (Intuwave Ltd.)

PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

PRC - C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.)

PRC - C:\WINDOWS\system32\TpScrLk.exe ()

PRC - C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC)

PRC - C:\WINDOWS\system32\TaskSwitch.exe ()

PRC - C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)

PRC - C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft)

 

 
 ========== Modules (SafeList) ==========

 

MOD - E:\Software\Ab 17.04.2009\Download\Sicherheit\OTL.exe (OldTimer Tools)

MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll ()

MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)

MOD - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)

MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

 
 ========== Driver Services (SafeList) ==========

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.openintab: true

FF - prefs.js..browser.search.selectedEngine: "LEO de<->en"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.taz.de/|hxxp://www.oya-online.de/"

FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19

FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1

FF - prefs.js..extensions.enabledItems: pt-PT@dictionaries.addons.mozilla.org:9.10.13.6

FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.1

FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:4.0.0

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1

FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9

FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.85

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {28FAD68E-4001-48d5-B994-68069F7CFB1D}:0.4.7

FF - prefs.js..extensions.enabledItems: pagecompare_abk0680@yahoo.com:1.5

FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1

FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1

FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7

FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3

FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4

FF - prefs.js..extensions.enabledItems: tsvnmenu@pumacode.org:0.2.5

FF - prefs.js..extensions.enabledItems: {139a120b-c2ea-41d2-bf70-542d9f063dfd}:2.03.3

FF - prefs.js..extensions.enabledItems: {eecba28f-b68b-4b3a-b501-6ce12e6b8696}:0.7.2

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5

FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.94.20100904

FF - prefs.js..extensions.enabledItems: metatags@porton.ex-code.com:2.3.5.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13

FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100720

FF - prefs.js..extensions.enabledItems: fr-moderne@dictionaries.addons.mozilla.org:3.8

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.07 00:35:46 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla\Firefox\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla\Firefox\plugins [2010.09.17 12:24:17 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.09.17 12:18:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

 

[2010.01.19 19:43:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions

[2010.01.19 19:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.10.01 13:39:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions

[2010.03.28 01:15:31 | 000,000,000 | ---D | M] (Screengrab) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

[2010.10.01 13:39:51 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2010.08.18 22:54:02 | 000,000,000 | ---D | M] (FireShot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}

[2009.11.04 11:06:03 | 000,000,000 | ---D | M] (URL Link) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}

[2007.03.31 01:03:40 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)

[2008.03.13 21:48:21 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2)

[2010.04.30 19:39:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.01.29 15:55:11 | 000,000,000 | ---D | M] (MouseZoom) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}

[2009.11.12 19:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}

[2010.09.08 12:27:24 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}

[2010.03.28 01:15:33 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}

[2008.10.10 23:42:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)

[2010.08.12 23:42:20 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}

[2008.03.02 22:09:45 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}(2)

[2010.06.07 15:22:21 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2010.09.01 13:54:51 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2008.03.13 21:48:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)

[2010.03.12 18:02:26 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}

[2010.09.01 13:54:50 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

[2010.06.23 19:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2008.10.10 23:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2)

[2010.06.07 15:22:23 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2010.01.23 20:58:38 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}

[2010.04.09 17:27:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010.08.18 22:54:05 | 000,000,000 | ---D | M] (ViewSourceWith) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}

[2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de_DE@dicts.j3e.de

[2010.02.19 13:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2007.10.23 10:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-GB@dictionaries.addons.mozilla.org

[2008.03.13 21:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\en-US@dictionaries.addons.mozilla(2).org

[2010.10.01 13:39:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\es-es@dictionaries.addons.mozilla.org

[2010.01.14 21:47:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fb_add_on@avm.de

[2010.05.07 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\firebug@software.joehewitt.com

[2010.02.10 22:21:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-FR@dictionaries.addons.mozilla.org

[2010.09.08 17:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\fr-moderne@dictionaries.addons.mozilla.org

[2010.09.16 14:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\ietab@ip.cn

[2007.10.23 10:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2010.09.06 22:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\metatags@porton.ex-code.com

[2010.01.29 15:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pagecompare_abk0680@yahoo.com

[2010.09.24 19:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\pt-PT@dictionaries.addons.mozilla.org

[2009.04.11 23:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\savecomplete@perlprogrammer.com

[2006.12.11 16:37:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\temp

[2010.02.10 22:21:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\extensions\tsvnmenu@pumacode.org

[2010.09.24 19:25:08 | 000,001,089 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavista.xml

[2010.03.05 17:18:24 | 000,002,058 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\astalavistams.xml

[2006.11.17 20:43:24 | 000,002,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\flickr-tags.xml

[2009.07.02 10:25:13 | 000,001,157 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\freedict.xml

[2008.05.27 10:18:53 | 000,002,161 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\google-deutschland.xml

[2006.11.17 20:45:13 | 000,001,679 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\imdb.xml

[2010.09.24 19:25:08 | 000,002,008 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-en.xml

[2010.09.24 19:25:08 | 000,002,016 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-es.xml

[2010.09.24 19:25:08 | 000,002,020 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\leo-de-fr.xml

[2008.06.03 11:49:07 | 000,001,082 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\lonely-planet-online.xml

[2010.09.24 19:25:08 | 000,001,481 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\map24de.xml

[2008.06.03 11:49:06 | 000,001,317 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\wikipedia-en.xml

[2010.08.15 16:04:13 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dv1sjd5g.default\searchplugins\youtube.xml

 

O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\DLASHX_W.DLL (Sonic Solutions)

O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found.

O3 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )

O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()

O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions)

O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)

O4 - HKLM..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe (FinePrint Software, LLC)

O4 - HKLM..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\utils\ibmprc.exe (IBM Corp.)

O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [KernelFaultCheck]  File not found

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam10\QuickCam10.exe ()

O4 - HKLM..\Run: [Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe ()

O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe (Microsoft® Corporation)

O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)

O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)

O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)

O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe ()

O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe ()

O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (IBM Corp.)

O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\tppaldr.exe (In-System Design, Inc.)

O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)

O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX)

O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin)

O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [IBM RecordNow!] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [ibmmessages] C:\Programme\IBM\Messages By IBM\ibmmessages.exe (IBM)

O4 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe File not found

O4 - HKU\.DEFAULT..\RunOnce: [IETI] C:\Programme\Skype\Phone\IEPlugin\unins000.exe File not found

O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Programme\Gemeinsame Dateien\logishrd\WUApp32.exe -v 0x046d -p 0x08c3 -f video -m logitech -d 11.0.0.1217 File not found

O4 - HKU\S-1-5-18..\RunOnce: [IETI] C:\Programme\Skype\Phone\IEPlugin\unins000.exe File not found

O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Programme\Gemeinsame Dateien\logishrd\WUApp32.exe -v 0x046d -p 0x08c3 -f video -m logitech -d 11.0.0.1217 File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON SMART PANEL.lnk = C:\Programme\EPSON\SMART PANEL\SmaPanel.exe (NewSoft)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE (SEIKO EPSON CORPORATION)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen in Microsoft Works-Kalender.lnk = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Fax-Controller.lnk = C:\Programme\EPSON\SMART PANEL\faxicore.exe (NewSoft Technology Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Telefonverbindungsmonitor.lnk = C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe (Teleca Software Solutions AB)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HotSync Manager.lnk = C:\Programme\Palm\Handspring\HOTSYNC.EXE (Palm, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]

O7 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\\sarah.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)

O15 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..Trusted Domains: fritz.box ([]* in Lokales Intranet)

O15 - HKU\S-1-5-21-999901472-3601035388-3065584919-1005\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX)

O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.1.205/XPanel.cab (XPanel Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} hxxp://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164927521531 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.1.205/XInit.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll ()

O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll ()

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.27 10:02:05 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\autoexec.rod -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - F:\AUTOEXEC.ICR -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\autoexec.rod -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2003.10.20 15:35:04 | 000,000,042 | ---- | M] () - G:\AUTOEXEC.ICR -- [ FAT32 ]

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell - "" = AutoRun

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{12570190-b56a-11dc-ab3d-000e9bda3b35}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell - "" = AutoRun

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{91a2d536-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{91a2d537-d712-11db-aaea-000e9bda3b35}\Shell\AutoRun\command - "" = G:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell - "" = AutoRun

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{f4f57244-35da-11de-9605-00505b002aa8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O34 - HKLM BootExecute: (pgdfgsvc c 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com)

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.09.16 18:36:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes

[2010.09.16 18:36:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.09.16 18:36:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.09.16 18:36:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.09.16 18:36:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2010.09.09 01:36:21 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010.09.09 01:36:21 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010.09.09 01:36:20 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010.09.09 01:36:19 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010.09.09 01:36:18 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010.09.09 01:36:18 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010.09.09 01:36:17 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010.09.09 01:36:05 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010.09.09 01:36:05 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software

[2010.09.09 01:35:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software

[2010.09.08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx

[2010.09.08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts

[2010.09.07 00:34:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared

[2010.09.07 00:01:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.09.07 00:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2007.12.13 22:41:16 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll

[2007.12.13 22:41:14 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[2006.11.14 01:13:40 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Programme\Gemeinsame Dateien\tppupd2k.dll

[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.10.01 13:47:00 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010.09.30 22:49:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.09.30 22:47:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.09.30 22:47:06 | 2145,832,960 | -HS- | M] () -- C:\hiberfil.sys

[2010.09.30 20:31:58 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini

[2010.09.30 20:31:34 | 001,445,318 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db

[2010.09.30 20:09:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010.09.30 20:01:24 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job

[2010.09.30 20:00:58 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.09.29 22:47:00 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010.09.29 10:09:09 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010.09.28 21:47:58 | 015,990,784 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat

[2010.09.28 21:46:38 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1005.job

[2010.09.28 21:46:37 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1005.job

[2010.09.20 19:45:17 | 000,001,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech QuickCam.lnk

[2010.09.15 23:05:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010.09.09 01:36:22 | 000,001,672 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

[2010.09.09 01:36:18 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010.09.08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx

[2010.09.08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts

[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010.09.07 00:35:47 | 000,000,821 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk

[2010.09.07 00:35:17 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll

[2010.09.07 00:34:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll

[2010.09.07 00:34:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll

[2010.09.07 00:33:10 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll

[2010.09.07 00:10:45 | 000,001,717 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk

[2010.09.02 00:07:28 | 000,168,088 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT

[2010.09.02 00:04:08 | 000,505,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.09.01 22:37:21 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.09.09 01:36:22 | 000,001,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

[2010.09.07 00:35:47 | 000,000,821 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer SP.lnk

[2010.09.01 22:37:21 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2010.04.13 21:40:03 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll

[2010.04.13 21:40:03 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys

[2010.04.13 21:40:03 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys

[2010.04.12 01:17:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd

[2009.10.21 03:54:22 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2009.10.17 01:55:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI

[2009.10.06 09:11:50 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\lua5.1a.dll

[2009.04.11 21:25:54 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2008.12.19 18:51:56 | 000,000,734 | ---- | C] () -- C:\WINDOWS\wiso.ini

[2008.11.19 17:39:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\cmvpt32.ini

[2008.11.19 17:38:46 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

[2008.11.19 17:38:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll

[2008.11.19 10:53:59 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\GCL52FW.DLL

[2008.11.19 10:48:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\Cmpnl32.dll

[2008.11.19 10:48:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\GCL52FWZ.DLL

[2008.11.19 10:48:42 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\CMUpdate.dll

[2008.03.20 23:39:08 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini

[2008.03.03 00:55:21 | 000,661,504 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008.03.03 00:55:21 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll

[2008.03.03 00:55:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll

[2008.03.03 00:55:21 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll

[2008.03.03 00:55:21 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\ffavisynth.dll

[2008.03.03 00:55:20 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll

[2008.03.03 00:55:20 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll

[2008.03.03 00:55:20 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll

[2008.03.03 00:55:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll

[2008.03.03 00:55:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll

[2008.03.03 00:55:20 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll

[2008.03.03 00:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll

[2008.03.03 00:55:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll

[2008.02.14 14:55:42 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat

[2008.01.14 20:50:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ZSubTimer.dll

[2008.01.10 13:40:29 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\evntmsg.dll

[2008.01.04 16:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL

[2007.12.24 13:47:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2007.12.24 13:40:26 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433.dll

[2007.12.23 14:00:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z444U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z443U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z442U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z440U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z439U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z438U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z437U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z436U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z435U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z434U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z433U.dll

[2007.12.23 14:00:00 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Merge7z432U.dll

[2007.12.22 22:02:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll

[2007.12.22 21:27:22 | 003,138,048 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll

[2007.12.13 22:41:22 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini

[2007.12.13 22:41:20 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys

[2007.12.13 22:41:19 | 012,039,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys

[2007.12.13 19:18:03 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini

[2007.12.13 19:17:25 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2007.12.07 16:15:39 | 000,001,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini

[2007.12.03 16:34:32 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll

[2007.12.01 13:43:30 | 000,541,696 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll

[2007.11.29 12:52:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2007.11.26 16:56:04 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2007.11.26 16:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll

[2007.09.04 23:56:09 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2007.09.04 23:44:27 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll

[2007.02.27 18:12:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\USBaccess.dll

[2007.02.06 18:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2007.02.06 18:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys

[2007.01.29 00:03:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IROTVIEW.INI

[2007.01.28 21:23:40 | 000,000,275 | ---- | C] () -- C:\WINDOWS\ddespy.ini

[2007.01.10 14:00:41 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini

[2007.01.10 14:00:41 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini

[2007.01.10 12:52:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI

[2006.12.30 20:09:45 | 000,000,240 | ---- | C] () -- C:\WINDOWS\BUHL.INI

[2006.12.24 23:39:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\iltwain.ini

[2006.12.24 22:11:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2006.12.21 02:21:58 | 000,144,656 | ---- | C] () -- C:\WINDOWS\System32\FAMCOM.dll

[2006.12.20 22:10:03 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

[2006.12.19 18:39:09 | 000,110,642 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll

[2006.12.19 18:39:09 | 000,043,252 | ---- | C] () -- C:\WINDOWS\System32\pdfmon.dll

[2006.12.09 02:04:03 | 000,000,687 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006.11.30 22:27:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FoneSync.INI

[2006.11.30 18:30:30 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini

[2006.11.30 17:45:46 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini

[2006.11.30 17:38:48 | 000,000,151 | ---- | C] () -- C:\WINDOWS\ccard100.ini

[2006.11.30 17:37:13 | 000,007,901 | ---- | C] () -- C:\WINDOWS\MSACC20.INI

[2006.11.30 17:30:38 | 000,001,245 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006.11.30 17:30:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\odbcisam.ini

[2006.11.30 17:30:37 | 000,000,914 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI

[2006.11.30 17:30:29 | 000,000,124 | ---- | C] () -- C:\WINDOWS\GRAPH5.INI

[2006.11.30 17:30:21 | 000,002,640 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI

[2006.11.30 17:30:18 | 000,000,329 | ---- | C] () -- C:\WINDOWS\EXCEL5.INI

[2006.11.30 17:30:17 | 000,000,239 | ---- | C] () -- C:\WINDOWS\Winhelp.ini

[2006.11.30 17:30:17 | 000,000,110 | ---- | C] () -- C:\WINDOWS\msquery.ini

[2006.11.30 17:30:08 | 000,000,535 | ---- | C] () -- C:\WINDOWS\MSTXTCNV.INI

[2006.11.30 17:30:06 | 000,002,122 | ---- | C] () -- C:\WINDOWS\MSFNTMAP.INI

[2006.11.30 17:30:06 | 000,000,280 | ---- | C] () -- C:\WINDOWS\TTEMBED.INI

[2006.11.30 15:01:49 | 000,000,266 | ---- | C] () -- C:\WINDOWS\VISITE.INI

[2006.11.30 15:00:13 | 000,005,230 | ---- | C] () -- C:\WINDOWS\TOPDRAW.INI

[2006.11.30 14:26:24 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll

[2006.11.29 18:34:56 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI

[2006.11.16 23:01:57 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006.11.14 02:05:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2006.11.13 00:24:27 | 000,015,576 | R--- | C] () -- C:\WINDOWS\System32\drivers\usbbc.sys

[2006.11.13 00:24:27 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll

[2006.11.10 23:55:40 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll

[2006.10.11 12:18:40 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006.10.10 09:46:17 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS

[2006.10.10 04:14:04 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini

[2006.09.27 10:01:53 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006.09.26 01:14:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006.09.26 01:13:47 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[2006.09.26 01:10:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll

[2006.09.26 01:09:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll

[2006.09.26 01:09:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll

[2006.09.26 01:09:10 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys

[2006.09.26 01:02:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2006.09.26 01:02:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2006.09.26 01:02:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2006.09.26 01:02:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2006.09.26 01:02:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2006.09.26 01:02:00 | 000,000,642 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2006.09.26 00:53:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll

[2006.09.26 00:53:07 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS

[2006.09.26 00:50:44 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS

[2006.09.26 00:39:34 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2006.09.26 00:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll

[2006.06.09 11:43:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005.09.01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys

[2005.07.06 00:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll

[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2004.12.16 03:41:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pwdmon.dll

[2004.12.16 03:41:58 | 000,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini

[2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll

[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

[2004.08.10 13:48:32 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004.01.09 06:10:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll

[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[1999.04.29 22:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1998.04.24 01:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI

[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

< End of report >

Extras.txt:
[CODE]14:00 01.10.2010OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 01.10.2010 13:50:42 - Run 2

OTL by OldTimer - Version 3.2.14.1     Folder = E:\Software\Ab 17.04.2009\Download\Sicherheit

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free

3,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free

Paging file location(s): C:\pagefile.sys 1024 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 59,53 Gb Total Space | 5,38 Gb Free Space | 9,04% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 46,18 Gb Total Space | 2,20 Gb Free Space | 4,77% Space Free | Partition Type: FAT32

Drive F: | 4,00 Gb Total Space | 0,45 Gb Free Space | 11,32% Space Free | Partition Type: FAT32

Drive G: | 4,01 Gb Total Space | 0,46 Gb Free Space | 11,49% Space Free | Partition Type: FAT32

Drive H: | 25,27 Gb Total Space | 4,47 Gb Free Space | 17,68% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

 

Computer Name: XXX

Current User Name: ***

NOT logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla\Firefox\firefox.exe (Mozilla Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

http [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Programme\Mozilla\Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Durchsuchen mit &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"6198:TCP" = 6198:TCP:*:Enabled:freenetSPEED

"3126:TCP" = 3126:TCP:*:Enabled:freenetSPEED

"3128:TCP" = 3128:TCP:*:Enabled:freenetSPEED

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Programme\IBM\Updater\jre\bin\java.exe" = C:\Programme\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\jre\bin\javaw.exe" = C:\Programme\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector -- File not found

"C:\Programme\IBM\Updater\ucsmb.exe" = C:\Programme\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector -- File not found

"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application -- File not found

"C:\Programme\freenet\PxClient.exe" = C:\Programme\freenet\PxClient.exe:*:Enabled:freenetSPEED -- File not found

"C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Programme\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)

"C:\Programme\Mozilla Thunderbird\thunderbird.exe" = C:\Programme\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)

"C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe" = C:\Programme\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Enabled:mRouterRuntime -- (Intuwave Ltd.)

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- (Microsoft Corporation)

"C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe" = C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe:*:Enabled:mysqld-nt -- ()

"C:\Programme\Java\jdk1.6.0_01\bin\java.exe" = C:\Programme\Java\jdk1.6.0_01\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Java\jdk1.6.0\bin\java.exe" = C:\Programme\Java\jdk1.6.0\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)

"C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe" = C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_147a792107b9f781\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)

"C:\Programme\Java\jdk1.6.0_03\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_03\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Programme\Java\jre1.6.0_03\bin\java.exe" = C:\Programme\Java\jre1.6.0_03\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0 RC2\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found

"C:\Programme\Java\WTK22\bin\emulator.exe" = C:\Programme\Java\WTK22\bin\emulator.exe:*:Enabled:emulator -- ()

"C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe" = C:\Programme\Java\NetBeans 6.0\mobility8\WTK2.5.2\bin\emulator.exe:*:Enabled:emulator -- File not found

"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)

"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)

"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found

"C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform -- File not found

"C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- File not found

"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe" = C:\Programme\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0 -- (Sony Creative Software Inc.)

"C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_04\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0e9add42c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\Java\jre1.6.0_04\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_04\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Program Files\IBM\Java142\jre\bin\javaw.exe" = C:\Program Files\IBM\Java142\jre\bin\javaw.exe:*:Enabled:Java launcher -- (IBM)

"C:\Programme\Mozilla\Firefox\firefox.exe" = C:\Programme\Mozilla\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_06\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- File not found

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)

"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)

"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Apps\2.0\CDYO31ZO.VG2\OEZVKJ02.55X\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)

"C:\WINDOWS\LMI35.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI35.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI60.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI60.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI33D.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B2.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI3B7.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found

"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

"C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" = C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe:*:Enabled:FRITZ!Box Monitor -- (AVM Berlin)

"C:\Programme\FRITZ!vox\Fritz!vox.exe" = C:\Programme\FRITZ!vox\Fritz!vox.exe:*:Enabled:Fritz!vox -- (AVM Berlin)

"C:\CYGWIN\bin\rsync.exe" = C:\CYGWIN\bin\rsync.exe:*:Enabled:rsync -- ()

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium

"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1

"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0

"{01008202-823E-46CD-A70E-BEE818F97169}" = Microsoft Encarta Enzyklopädie 2002

"{01DA3FC4-CF94-4AAD-9127-C8F2E09F6E69}" = PowerArchiver 2010

"{024D73F0-1C49-2340-8AC3-5234AAA560C0}" = ccc-core-static

"{03B1BBDC-7FAA-4A03-9988-A85428BAD382}" = Sun ODF Plugin for Microsoft Office 3.0

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{05E9F134-07C9-4249-9B80-EE5D975F201B}" = Sony Ericsson Image Editor

"{0873B1A3-00A9-40D6-BACE-3DB4BC5DA840}" = ThinkPad SATA Power Management Driver

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung

"{0D05C1D4-BB4C-4545-86DC-F5EA7D04121A}" = Vtpro-e Themes v1.3

"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool

"{1007F41F-7D69-468E-8017-3849A5A973C2}" = IBM ThinkVantage Technologies Welcome Message

"{11783F13-C3A9-44A8-929B-21A476F65272}" = IBM Rescue and Recovery with Rapid Restore

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'

"{13EDFFFE-DCF2-448A-A653-3C4CD60D99B4}" = Palm Desktop and Synchronization Software

"{1649C93D-C661-4C53-B8AE-DB3592150B34}" = Buhl finance - tax 2006 Professional

"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility

"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'IBM ThinkPad-Tastaturanpassung'

"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL

"{24F9E04D-4CD5-3979-76F9-C1C6E78471AB}" = CCC Help Italian

"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word

"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21

"{2D230139-69DA-4CE8-83FB-EE5F522D2FF5}" = Praesideo Logging Server V2.32.1757

"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator

"{2FEB25F8-C3CB-49A2-AE79-DE17FFAFB5D9}" = MySQL Server 5.0

"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.108.00

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1

"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10

"{32A3A4F4-B792-11D6-A78A-00B0D0150100}" = J2SE Development Kit 5.0 Update 10

"{32A3A4F4-B792-11D6-A78A-00B0D0160030}" = Java(TM) SE Development Kit 6 Update 3

"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18

"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20

"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7

"{3305E24F-1192-0424-8A25-39713FD92728}" = Skins

"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B94A56F-9FDA-46CC-A3B6-07613A84200B}" = Buhl finance - tax 2007 Professional

"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test

"{3DA7A736-0B03-565C-1139-83FE890F0AF3}" = CCC Help French

"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION

"{3F71721C-E73D-481C-B926-C56B68D8F388}" = Praesideo Open Interface Library V2.32.1757

"{437C19B3-7E20-4E39-B868-CA6BAA820E1C}" = Microsoft Rechner-Plus

"{43A1FE83-D39F-3779-8D48-D6D19EE7AC48}" = CCC Help Chinese Traditional

"{443CBE24-0679-4027-9C36-66F129E009C5}" = Crestron Database

"{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}" = Ulead FilmBrennerei 4.0

"{44B32F92-5A96-43D9-BCBE-0AD2CDC409E7}" = TortoiseHg 1.1.3 (x86)

"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz

"{47CF8B92-4083-4F43-9680-6EDE10F812BD}" = Praesideo Logging Viewer V2.32.1757

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.99.01

"{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding

"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0

"{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins

"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95

"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image

"{61A17AE1-B4C3-4FC0-8563-684C23CBFA0F}" = SW-Entwicklung\Sun Java (TM) Wireless Toolkit 2.5.2 for CLDC

"{63F817ED-F710-481B-B332-7A356CE04E10}" = TortoiseOverlays

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}" = Crestron Device Database

"{66CA5E58-0D03-A75D-16EF-68258DE0DFC3}" = CCC Help English

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6BC292E6-5C85-4620-C1D0-A2FEAFD5D135}" = CCC Help Japanese

"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP

"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes

"{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows v4.00

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser

"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)

"{7579A17B-0E6C-9EF3-D022-30729A24B399}" = CCC Help Chinese Standard

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7BAA2000-5B8D-66DD-DBE7-089671AC118B}" = ccc-utility

"{7C2BD022-2B09-1F6D-D6C1-AD2A591E7537}" = Catalyst Control Center Core Implementation

"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections

"{806DB796-7082-C63F-284E-62245284A417}" = CCC Help Dutch

"{808FAA20-4C3A-11D4-8A57-00201853C903}" = PC-Linq

"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad-UltraNav-Assistent

"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software

"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update

"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D0E26CF-AA2F-48FF-A533-6207DE50B1C4}_is1" = Agendus for Windows Palm Desktop Edition

"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2

"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{91AF774D-8506-4194-9B77-9D803CBF5AC1}" = SIMPL Windows v2.10

"{925936AC-9C9A-4897-874B-60961AAB6D52}" = Disc2Phone

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{984E0622-29E5-44EA-A075-A0CE91B2CF13}" = TortoiseOverlays

"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager

"{A1A903C9-35DE-4770-9264-5F831E0A3A2E}" = SIMPL Windows Library v565

"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" = 

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A3E23D97-145F-29BF-81DE-DAEC1E5AB237}" = Catalyst Control Center Graphics Full New

"{A8FA2AC0-3875-B59F-917F-719982FB1BE8}" = CCC Help Portuguese

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v3.8

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien

"{AE1A0B0E-2EC7-656A-711A-0E7E8D4AB5CF}" = CCC Help Spanish

"{B016DE7B-CA2D-5EFD-9591-A109E67119BD}" = CCC Help Swedish

"{B214C3C8-FC16-42EC-B7BB-703A1BB9C790}" = Lenovo Battery Program

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B5FE8184-DB90-4642-826C-096C6369B3DA}" = J2ME Wireless Toolkit 2.2

"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU

"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU

"{C4A92EF9-D14C-937F-742E-D272938DC590}" = CCC Help Korean

"{C769A271-7E1C-48F9-B331-474600DD4C06}" = Microsoft Picture It! Foto 2002

"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack

"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth

"{CD6EB005-957A-4191-93ED-6ECD5F7F931E}" = SKTimeStamp

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CFEDA22F-435D-4891-913A-75B80D8159B8}" = Crestron Toolbox v1.12

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack

"{D2FEBD11-E587-4C41-AD33-0CD90D26A964}" = Client für die Windows-Rechteverwaltung mit Service Pack 2

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0

"{D5881E4A-0764-11D6-9D93-DECCF2B3F57C}" = Praesideo Core V2.32.1757

"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0

"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition

"{D702172D-8D17-D9EC-B661-42FA268575AF}" = Catalyst Control Center Localization All

"{DAA3F236-CEEC-C6CC-12C2-AB1B75C8BC09}" = CCC Help German

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DEC2C123-3CE0-4669-B119-61519130CACD}" = TortoiseSVN 1.6.10.19898 (32 bit)

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E09CEE8B-1DCD-C628-A8EA-2B56D61DDEFA}" = ccc-core-preinstall

"{E258A840-7E9A-443A-B156-67102C48BF17}" = TPP Storage Driver Installation

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2

"{EA664480-3844-11D5-8C25-444553540000}" = Funktion "TrackPoint-Eingabehilfen"

"{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}" = Access IBM

"{EC905264-BCFE-423B-9C42-C3A106266790}" = Rückwärtskompatibilität des Clients für die Windows-Rechteverwaltung SP2

"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F18B31E4-E2E3-4F4F-A2C9-BA579D6AF400}" = TortoiseOverlays

"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung

"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel(R) PROSet/Wireless WiFi-Software

"{F3439243-1BAC-7250-D346-2642655F95ED}" = Catalyst Control Center Graphics Full Existing

"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall

"{F3FAE3D8-A91D-4D11-90C1-27581C2C23B9}" = Sony Ericsson MMS Home Studio

"{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}" = Access IBM Message Center

"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0

"{F63E8666-0F10-11D3-8258-00C04F6843FE}" = Microsoft Visual Keyboard

"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant

"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002

"{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler

"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad-Konfiguration

"{FC18114B-05A0-11D6-8140-000102E745A6}" = PC Suite for P800

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus

"{FD9D4CA5-8F97-44A0-B17E-C2C77C824FA4}" = funScreenScraping Client Version

"{FF2AFF73-099E-0BB5-AE87-B044D3D7DE78}" = Catalyst Control Center Graphics Light

"1&1 Upload-Manager" = 1&1 Upload-Manager

"274c5407c4fa26908310cb5c1c5500001224356439" = NetBeans IDE 5.5

"312f77fc8b5965949add215dd8550000-1163196496" = NetBeans Profiler 5.5

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software

"Any Video Converter_is1" = Any Video Converter 3.0.3

"ATI Display Driver" = ATI Display Driver

"Attribute Manager_is1" = Attribute Manager 2.35

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)

"Audacity_is1" = Audacity 1.2.6

"avast5" = avast! Free Antivirus

"AVIcodec" = AVIcodec (remove only)

"Avira UnErase Personal" = Avira UnErase Personal

"AVMFBox" = AVM FRITZ!Box Dokumentation

"AVMFBoxAnswerMachine" = AVM FRITZ!vox

"AVMFBoxMonitor" = AVM FRITZ!Box Monitor

"BitTorrent" = BitTorrent

"CCleaner" = CCleaner

"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)

"CDCheck" = CDCheck

"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem

"CollabNet Automatic Update" = CollabNet Automatic Update 1.2

"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.12

"Corel Applications" = Corel Applications

"CvsConflictEditor_is1" = CvsConflictEditor 1.2.0

"CVSNT_is1" = CVSNT

"D2D77DC2-8299-11D1-8949-444553540000_is1" = WinCvs 2.0

"Defraggler" = Defraggler

"DiffUtils-2.8.7_is1" = GnuWin32: DiffUtils version 2.8.7

"Digital Image Recovery_is1" = Digital Image Recovery 1.47

"DirectVobSub" = DirectVobSub (remove only)

"doPDF 7 printer_is1" = doPDF 7.1 printer

"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 5.5.1 Home Edition

"EPSON SMART PANEL" = EPSON SMART PANEL

"EPSON Stylus Scan" = EPSON Stylus Scan FB TWAIN

"EPSON-Drucker und Utilities" = EPSON-Drucker-Software

"Exact Audio Copy" = Exact Audio Copy 0.99pb5

"Exifer_is1" = Exifer

"fcd569e3a3b8ade0f9366fc6625500001796351737" = NetBeans Mobility Pack 5.5

"Feurio" = Feurio! CD-Writer

"ffdshow_is1" = ffdshow [rev 1868] [2008-02-22]

"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows

"FinePrint 2000" = FinePrint 2000

"FinePrint2000" = FinePrint 2000

"FolderSizes_is1" = FolderSizes 1.0

"frndial" = freenet.de

"FTDICOMM" = SEMC DSS-20 SyncStation Driver

"GMX Upload-Manager" = GMX Upload-Manager

"IE7 Standalone_is1" = Internet Explorer 7 Standalone

"InstallShield für Microsoft Visual C++ 6" = InstallShield für Microsoft Visual C++ 6

"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"InstallShield_{5D73F169-DD54-4C74-AEB0-CE72A4ED95E6}" = Algo Vision LuraTech Browser Plug-ins

"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2

"IrfanView" = IrfanView (remove only)

"ISO Commander" = ISO Commander 1.6 (remove only)

"IsoBuster_is1" = IsoBuster 2.7

"jclasslib bytecode viewer 3.0" = jclasslib bytecode viewer 3.0

"KompoZer_is1" = KompoZer 0.77

"LAME for Audacity_is1" = LAME v3.98.2 for Audacity

"Lavasoft VX2 Cleaner" = Lavasoft VX2 Cleaner

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaInfo" = MediaInfo 0.7.29

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Developer Network - Visual Studio 6.0a (deu)" = MSDN Library - Visual Studio 6.0a (Deutsch)

"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)

"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)

"Mp3tag" = Mp3tag v2.46a

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5

"MyDefrag v4.2.9_is1" = MyDefrag v4.2.9

"nbi-nb-base-6.0.0.0.200711201000" = NetBeans IDE 6.0 RC2

"nbi-nb-base-6.1.0.0.200804211638" = NetBeans IDE 6.1

"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5

"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1

"nbi-nb-base-6.9.0.0.0" = NetBeans IDE 6.9

"nbi-nb-base-6.9.1.0.201006282301" = NetBeans IDE 6.9.1 Build 201006282301

"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom

"Notepad++" = Notepad++

"NTFSRatio_is1" = NTFSRatio V1.3

"Nvu_is1" = Nvu 1.0

"OnScreenDisplay" = Anzeige am Bildschirm

"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows

"PFrank_is1" = Peter's Flexible RenAmiNg Kit (PFrank) 2.13

"Power Management Driver" = ThinkPad Power Management Driver

"Praesideo PC Callstation" = Praesideo PC Callstation

"Presentation Director" = ThinkPad-Präsentationsdirektor

"ProInst" = Intel PROSet Wireless

"QcDrv" = Logitech® Camera-Treiber

"RealPlayer 12.0" = RealPlayer

"RealVNC_is1" = VNC Free Edition 4.1.2

"Rename-It!" = Rename-It!

"ReNamer_is1" = ReNamer

"Secunia PSI" = Secunia PSI

"SequoiaView" = SequoiaView

"SpeedFan" = SpeedFan (remove only)

"SynTPDeinstKey" = ThinkPad UltraNav Driver

"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier

"ThinkPadSoftwareInstaller" = Installationsprogramm für ThinkPad-Software

"TPKBDLED" = Scroll Lock Indicator Utility

"TPP200" = USB Storage Adapter V2 (TPP)

"TPP300" = USB Storage Adapter V3 (TPP)

"TPP725" = USB Storage Adapter (TPP)

"TreeSize Free_is1" = TreeSize Free V2.2.1

"UltraDefrag" = Ultra Defragmenter

"Unlocker" = Unlocker 1.8.7

"VLC media player" = VLC media player 1.1.4

"VoipDiscount_is1" = VoipDiscount

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"WebPost" = Microsoft Web Publishing Wizard 1.53

"WIC" = Windows Imaging Component

"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinHex" = WinHex

"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43

"WinMerge_is1" = WinMerge 2.12.4

"WinRAR archiver" = WinRAR

"winscp3_is1" = WinSCP 4.2.7

"WinZip" = WinZip

"WinZip Self-Extractor" = WinZip Self-Extractor

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Works2002Setup" = Microsoft Works 2002-Setup-Start

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"X10Hardware" = X10 Hardware(TM)

"xdocdiff" = xdocdiff

"XP Codec Pack" = XP Codec Pack

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"Z-DBackup" = Z-DBackup

"ZoomPlayer" = Zoom Player (remove only)

"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-999901472-3601035388-3065584919-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01D5859C-5207-4183-B88D-3DCD2022BC54}" = t@x 2008 Professional

"{40030378-9EB9-482A-AC10-195097CA624D}" = t@x 2009 Professional

"f6791b188d8f3ff8" = AVM FRITZ!Box USB-Fernanschluss

"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002

"jIRCii" = jIRCii

"muCommander" = muCommander

"StackTrace" = StackTrace

 
 ========== Last 10 Event Log Errors ==========

 

Error: Unable to start EventLog service!

 

< End of report >

--- --- ---

Zitat:

========== Win32 Services (SafeList) ==========

========== Driver Services (SafeList) ==========

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

Da fehlen schon wieder Passagen!!
Bist Du sicher, dass Du OTL direkt nach der Anleitung ausführst? :wtf: