Hallo ein alter log:
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Datenbank Version: 5204
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
28.11.2010 14:59:27
mbam-log-2010-11-28 (14-59-27).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 153649
Laufzeit: 8 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\6BTOP2GA8A (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{c8a63845-a088-5afd-33ba-15218d0c0cc9} (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\All Users\Desktop\Control Center.lnk (Rogue.ControlCenter) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\martin\Startmenü\Programme\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\martin\Desktop\ThinkPoint.lnk (Rogue.ThinkPoint) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\martin\Startmenü\Programme\ThinkPoint.lnk (Rogue.ThinkPoint) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\martin\Anwendungsdaten\skvkfd.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\martin\Anwendungsdaten\shire.bat (Malware.Trace) -> Quarantined and deleted successfully.
Aktueller Log:
Malwarebytes' Anti-Malware 1.50
Malwarebytes
Datenbank Version: 5251
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
05.12.2010 23:24:30
mbam-log-2010-12-05 (23-24-30).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 278035
Laufzeit: 56 Minute(n), 53 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL Logfile:OTL Logfile: Code:
OTL logfile created on: 05.12.2010 23:30:26 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\!Virus
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.015,00 Mb Total Physical Memory | 474,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 117,19 Gb Total Space | 77,17 Gb Free Space | 65,85% Space Free | Partition Type: NTFS
Drive D: | 107,42 Gb Total Space | 16,19 Gb Free Space | 15,08% Space Free | Partition Type: NTFS
Drive E: | 8,27 Gb Total Space | 3,68 Gb Free Space | 44,57% Space Free | Partition Type: FAT32
Computer Name: PM740 | User Name: martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\!Virus\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Programme\Browser MOUSE\mouse32a.exe ()
PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\common files\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
PRC - C:\Programme\CA\Etrust Antivirus\InoTask.exe (Computer Associates International, Inc.)
PRC - C:\Programme\CA\Etrust Antivirus\InoRT.exe (Computer Associates International, Inc.)
PRC - C:\Programme\CA\Etrust Antivirus\InoRpc.exe (Computer Associates International, Inc.)
========== Modules (SafeList) ==========
MOD - C:\!Virus\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Browser MOUSE\mouDL32A.dll ()
========== Win32 Services (SafeList) ==========
SRV - (MySql) -- C:\xampp\mysql\bin\mysqld-nt.exe File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (dgdersvc) -- C:\WINDOWS\system32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (UPnPService) -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe ()
SRV - (s7oiehsx) -- C:\Program Files\common files\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
SRV - (InoTask) -- C:\Programme\CA\eTrust Antivirus\InoTask.exe (Computer Associates International, Inc.)
SRV - (InoRT) -- C:\Programme\CA\eTrust Antivirus\InoRT.exe (Computer Associates International, Inc.)
SRV - (InoRPC) -- C:\Programme\CA\eTrust Antivirus\InoRpc.exe (Computer Associates International, Inc.)
========== Driver Services (SafeList) ==========
DRV - (evvrbtd) -- C:\WINDOWS\System32\drivers\amgrse.sys File not found
DRV - (bDMusicb) -- C:\DOKUME~1\martin\LOKALE~1\Temp\bDMusicb.sys File not found
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (TTCinergyT2) TerraTec Cinergy T² (BDA) -- C:\WINDOWS\system32\drivers\TTCinergyT2BDA.sys (TerraTec Electronic GmbH)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation)
DRV - (oxser) -- C:\WINDOWS\system32\drivers\oxser.sys (OEM)
DRV - (Navcar) -- C:\WINDOWS\system32\drivers\Navcar.sys (NAVMAN)
DRV - (usbsermpt) -- C:\WINDOWS\system32\drivers\usbsermpt.sys (Microsoft Corporation)
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BALU) -- C:\WINDOWS\system32\drivers\balu.sys ()
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (w800obex) -- C:\WINDOWS\system32\drivers\w800obex.sys (MCCI)
DRV - (w800mgmt) -- C:\WINDOWS\system32\drivers\w800mgmt.sys (MCCI)
DRV - (w800mdm) -- C:\WINDOWS\system32\drivers\w800mdm.sys (MCCI)
DRV - (w800mdfl) -- C:\WINDOWS\system32\drivers\w800mdfl.sys (MCCI)
DRV - (w800bus) Sony Ericsson W800 driver (WDM) -- C:\WINDOWS\system32\drivers\w800bus.sys (MCCI)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (INO_FLTR) -- C:\WINDOWS\system32\drivers\ino_fltr.sys (Computer Associates)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (INO_FLPY) -- C:\WINDOWS\system32\Drivers\ino_flpy.sys (Computer Associates)
DRV - (S7oppilx) -- C:\WINDOWS\system32\drivers\s7oppilx.sys (SIEMENS AG)
DRV - (s7otranx) -- C:\WINDOWS\System32\Drivers\S7otranx.sys (SIEMENS AG)
DRV - (s7oppitx) -- C:\WINDOWS\System32\Drivers\S7oppitx.sys (SIEMENS AG)
DRV - (CBEN5) -- C:\WINDOWS\system32\drivers\cben5.sys (Xircom, Inc.)
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.sys (Adaptec)
DRV - (DirectNT) -- C:\WINDOWS\System32\drivers\DirectNT.sys (c't)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.03 08:32:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.09.19 22:28:02 | 000,000,000 | ---D | M]
[2009.02.12 19:46:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Mozilla\Extensions
[2008.09.10 20:26:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Mozilla\Extensions\songbird@songbirdnest.com
[2010.12.02 18:54:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Mozilla\Firefox\Profiles\11tihfxtrz11defaul11t\extensions
[2010.11.10 18:12:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Mozilla\Firefox\Profiles\11tihfxtrz11defaul11t\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.03 21:02:33 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.11 12:15:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.10 22:51:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.10 13:14:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.10 22:49:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.08.10 22:49:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.10 22:49:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.10 22:49:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.08.10 22:49:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.12.03 16:34:43 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AntivirusRegistration] C:\Programme\CA\Etrust Antivirus\Register.exe ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FLMOFFICE4DMOUSE] C:\Programme\Browser MOUSE\mouse32a.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [KiesTrayAgent] File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Programme\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\martin\Startmenü\Programme\Autostart\Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Programme\TraXEx\Integration\TraXEx Internet Explorer.lnk ()
O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Programme\TraXEx\Integration\TraXEx Löschautomat.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134055363296 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} Java Plug-in Technology (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.12.08 12:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{dd36fa4a-ce56-11df-81e8-0040d086a225}\Shell\AutoRun\command - "" = H:\Get_Started_for_Win.exe -- File not found
O33 - MountPoints2\{fa57a275-c709-11da-803f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{fa57a275-c709-11da-803f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fa57a275-c709-11da-803f-806d6172696f}\Shell\AutoRun\command - "" = F:\tools\shelexec.exe html\index.htm -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.04 13:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Uniblue
[2010.12.04 13:13:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F03307B7-E779-4F5E-A32E-9A73D8D6E0F2}
[2010.12.04 13:13:20 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.12.04 13:13:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Anwendungsdaten\PackageAware
[2010.12.04 13:12:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.04 10:16:03 | 000,000,000 | ---D | C] -- C:\!Virus2
[2010.12.04 10:13:07 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\martin\IECompatCache
[2010.12.04 00:11:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Eigene Dateien\NeroVision
[2010.12.03 16:40:45 | 000,000,000 | ---D | C] -- C:\Programme\TraXEx
[2010.12.02 23:51:03 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\martin\Recent
[2010.12.02 21:18:30 | 000,000,000 | ---D | C] -- C:\.Trash-500
[2010.12.02 17:52:43 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.12.02 17:52:42 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.02 17:28:49 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.12.01 23:58:20 | 000,000,000 | ---D | C] -- C:\!Virus
[2010.12.01 18:00:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Avira
[2010.12.01 13:11:55 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.01 13:11:55 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.12.01 13:11:55 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.12.01 13:11:55 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.12.01 13:11:55 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.12.01 13:11:54 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.12.01 13:11:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2010.12.01 00:06:12 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.12.01 00:06:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2010.11.30 23:37:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Eigene Dateien\Downloads
[2010.11.30 18:41:10 | 001,035,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2010.11.30 18:35:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.11.30 18:33:14 | 000,000,000 | ---D | C] -- C:\Programme\RunAlyzer
[2010.11.30 18:16:41 | 000,000,000 | ---D | C] -- C:\Programme\Trojancheck 6
[2010.11.29 12:57:02 | 000,000,000 | ---D | C] -- C:\INFECTED
[2010.11.28 14:42:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Malwarebytes
[2010.11.28 14:41:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.28 14:41:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.28 14:41:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.11.28 14:41:39 | 000,000,000 | ---D | C] -- C:\Programme\Anti-Malware
[2010.11.28 08:36:14 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\mbam-setup.exe
[2010.11.26 19:28:17 | 000,000,000 | ---D | C] -- C:\INFECTED2
[2010.11.26 18:45:40 | 000,000,000 | ---D | C] -- C:\Programme\win
[2010.11.26 18:45:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Ydxae
[2010.11.26 18:45:17 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.11.23 18:12:22 | 000,000,000 | ---D | C] -- C:\Programme\Free DVD MP3 Ripper
[2010.11.15 18:19:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\System32
[2010.11.15 18:12:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Eigene Dateien\Samsung
[2010.11.15 18:12:13 | 000,217,088 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2010.11.15 18:03:36 | 000,000,000 | ---D | C] -- C:\Programme\REALTEK Semiconductor Corporation
[2010.11.15 18:01:49 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.11.15 18:00:55 | 000,000,000 | ---D | C] -- C:\Programme\Common Files
[2010.11.15 18:00:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Samsung
[2010.11.15 18:00:46 | 000,000,000 | ---D | C] -- C:\Programme\MarkAny
[2010.11.15 18:00:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2010.11.15 17:56:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010.11.15 17:56:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.11.15 17:56:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.11.15 17:32:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Samsung
[2010.11.10 13:14:19 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.11.10 13:14:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.11.10 13:14:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.05 22:14:57 | 000,000,662 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.05 22:10:15 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.12.05 22:09:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.05 22:08:02 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2010.12.05 22:07:54 | 1064,812,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.05 22:07:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.04 22:38:53 | 000,000,041 | ---- | M] () -- C:\WINDOWS\Filzip.ini
[2010.12.04 13:13:27 | 000,001,685 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Uniblue RegistryBooster.lnk
[2010.12.03 22:07:25 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.03 21:14:36 | 000,000,255 | ---- | M] () -- C:\boot.ini
[2010.12.03 16:40:50 | 000,001,626 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx-Löschautomat.lnk
[2010.12.03 16:40:50 | 000,001,588 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx-Schredder.lnk
[2010.12.03 16:40:50 | 000,000,738 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx 3.3.lnk
[2010.12.03 16:34:43 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.12.02 20:42:33 | 000,171,008 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.02 19:06:57 | 000,121,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.01 20:00:31 | 000,001,521 | ---- | M] () -- C:\WINDOWS\Citamis.str
[2010.12.01 20:00:23 | 000,000,183 | ---- | M] () -- C:\WINDOWS\Microwin.ini
[2010.11.30 17:17:08 | 000,000,041 | ---- | M] () -- C:\WINDOWS\System32\Filzip.ini
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.28 13:23:33 | 000,467,148 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.11.28 13:23:33 | 000,448,000 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.28 13:23:33 | 000,088,656 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.11.28 13:23:33 | 000,072,920 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.28 08:40:13 | 000,036,660 | ---- | M] () -- C:\tasklist.zip
[2010.11.28 08:35:44 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\mbam-setup.exe
[2010.11.27 00:30:26 | 000,000,006 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\start
[2010.11.26 23:50:11 | 000,000,006 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\completescan
[2010.11.26 19:11:31 | 000,000,010 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\install
[2010.11.23 21:05:20 | 002,364,701 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Eigene Dateien\5_8_Anleitung_Netzwerk_File_Manager.pdf
[2010.11.19 22:55:35 | 000,267,463 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010.11.15 18:07:28 | 000,001,592 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Samsung Kies.lnk
[2010.11.15 17:52:26 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010.11.07 23:36:43 | 000,787,555 | ---- | M] () -- C:\Dokumente und Einstellungen\martin\Desktop\Samsung C3300.pdf
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.05 22:14:57 | 000,000,662 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.04 21:49:06 | 1064,812,544 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.04 13:13:35 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2010.12.04 13:13:21 | 000,001,685 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Uniblue RegistryBooster.lnk
[2010.12.03 16:40:50 | 000,001,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx-Löschautomat.lnk
[2010.12.03 16:40:50 | 000,001,588 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx-Schredder.lnk
[2010.12.03 16:40:50 | 000,000,738 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TraXEx 3.3.lnk
[2010.11.29 23:57:46 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\Filzip.ini
[2010.11.28 08:40:28 | 000,036,660 | ---- | C] () -- C:\tasklist.zip
[2010.11.27 00:30:26 | 000,000,006 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\start
[2010.11.26 23:50:11 | 000,000,006 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\completescan
[2010.11.26 19:11:31 | 000,000,010 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\install
[2010.11.25 19:23:31 | 000,011,807 | ---- | C] () -- C:\SoftcamMotor.key
[2010.11.23 21:05:19 | 002,364,701 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Eigene Dateien\5_8_Anleitung_Netzwerk_File_Manager.pdf
[2010.11.15 18:25:47 | 000,118,898 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2010.11.15 18:12:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.11.15 18:12:13 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.11.15 18:07:28 | 000,001,592 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Samsung Kies.lnk
[2010.11.15 17:31:33 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010.11.07 23:36:43 | 000,787,555 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Desktop\Samsung C3300.pdf
[2010.09.22 18:48:44 | 000,000,264 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.09.15 09:41:54 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2010.09.15 09:41:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2010.09.15 09:41:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2010.09.15 09:41:54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009.05.17 11:52:59 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2009.04.01 18:33:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ETEST32.INI
[2009.04.01 18:29:39 | 000,000,082 | ---- | C] () -- C:\WINDOWS\teof.ini
[2009.04.01 18:29:25 | 000,000,666 | ---- | C] () -- C:\WINDOWS\TOOLSET.INI
[2009.04.01 18:28:47 | 000,001,210 | ---- | C] () -- C:\WINDOWS\TOOL32.INI
[2009.02.21 00:19:35 | 000,000,205 | ---- | C] () -- C:\WINDOWS\inpa_ist.ini
[2008.06.16 22:52:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008.02.13 23:32:22 | 000,000,183 | ---- | C] () -- C:\WINDOWS\Microwin.ini
[2007.12.03 19:45:26 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.04.10 21:26:16 | 000,028,060 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\mdb.bin
[2007.03.08 23:44:35 | 000,000,240 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\Solve Elec 2.0 Prefs
[2007.03.08 23:34:41 | 000,000,918 | ---- | C] () -- C:\WINDOWS\cPVAS.INI
[2007.02.06 23:58:00 | 000,000,956 | ---- | C] () -- C:\WINDOWS\xxclone.ini
[2006.12.18 18:12:49 | 000,000,058 | ---- | C] () -- C:\WINDOWS\my.ini
[2006.10.11 22:27:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\stduser.ini
[2006.10.03 15:06:16 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\672D2202E2.sys
[2006.09.27 21:27:55 | 000,579,602 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2006.09.25 23:49:34 | 000,171,008 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.08.27 21:27:17 | 000,000,957 | ---- | C] () -- C:\WINDOWS\PVAStrumento.ini
[2006.05.09 08:44:10 | 000,003,237 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.05.04 21:54:45 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2006.04.21 21:09:17 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006.04.10 23:42:09 | 000,267,463 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.04.10 11:19:28 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2006.04.09 22:04:44 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Filzip.ini
[2006.04.09 08:17:54 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.04.08 15:22:22 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.04.08 15:22:22 | 000,000,078 | ---- | C] () -- C:\Dokumente und Einstellungen\martin\Anwendungsdaten\sversion.ini
[2005.12.19 13:28:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.12.16 08:39:15 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.12.16 07:56:51 | 000,010,856 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005.12.16 07:56:51 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\065F44A906.sys
[2005.12.08 12:45:54 | 000,000,863 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.12.08 12:33:01 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.12.08 12:25:31 | 000,000,896 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.07.15 10:47:44 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\balu.sys
[2005.07.14 11:31:20 | 000,027,648 | RHS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005.06.21 21:37:42 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2004.09.28 22:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2003.08.07 20:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.06.11 08:08:00 | 000,023,180 | ---- | C] () -- C:\WINDOWS\System32\evgainit.sys
[2002.05.13 10:16:19 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
< End of report > --- --- ---
OTL extra logfileOTL Logfile: Code:
OTL Extras logfile created on: 05.12.2010 23:30:26 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\!Virus
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.015,00 Mb Total Physical Memory | 474,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 117,19 Gb Total Space | 77,17 Gb Free Space | 65,85% Space Free | Partition Type: NTFS
Drive D: | 107,42 Gb Total Space | 16,19 Gb Free Space | 15,08% Space Free | Partition Type: NTFS
Drive E: | 8,27 Gb Total Space | 3,68 Gb Free Space | 44,57% Space Free | Partition Type: FAT32
Computer Name: PM740 | User Name: martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Adobe\Adobe GoLive CS2\GoLive.exe" "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ID3-TagIT] -- "C:\Programme\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )
Directory [MediaMonkey.1Play] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Temp\{96473658-49EE-46D6-8858-1D7DBE17162C}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe" = C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Temp\{96473658-49EE-46D6-8858-1D7DBE17162C}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup) -- File not found
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrHelper.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup) -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrUpdate\CinergyDvrUp_date.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrUpdate\CinergyDvrUp_date.exe:*:Enabled:TerraTec Auto Update -- (TerraTec Electronic GmbH)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Temp\RarSFX0\AutoRunSource\Tools\STBDaemon_102.exe" = C:\Dokumente und Einstellungen\martin\Lokale Einstellungen\Temp\RarSFX0\AutoRunSource\Tools\STBDaemon_102.exe:*:Enabled:TODO: <File description> -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0D93041A-03EC-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{12A9A77A-C9DA-4576-A8D0-ADF1D3E8A314}" = Großer Reiseplaner 2006/2007
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{219BB7DF-83BA-44C6-A362-D17981FBD285}" = GPS Information
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 22
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38EE230F-F631-451F-8800-E29F5E5C9E7D}" = iTunes Library Updater
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{46548E80-0407-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D5E101E-6E25-4497-944E-373D9DB20A07}" = Cuttermaran 1.67
"{5E977DEC-5BB4-44C7-9FE5-9357D2DB4FCB}" = Disc2Phone
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BFF4534-7608-41F0-85F7-31A0569D8960}" = eTrust Registration
"{6C8F5E8A-616B-4309-9F4B-21DAF3C05CAA}" = RADIOandDJ
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Systemsteuerung "MobileMe"
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{754AFD82-CDB9-4DED-9192-BA39D47589BC}" = PsychicMP3 v2.00
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{965E0437-A82D-4683-B1E8-3C93DBBDCB46}" = Cuttermaran 1.68a
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5688129-7595-4E5B-9990-CEF981A31264}" = SyncToy
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC55BD24-C1A6-4397-8EA3-2F30E74BDA2B}" = CA eTrust Antivirus
"{CCC01ADD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC Device Drivers
"{CCC18ADD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC Industrial Ethernet PG
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"79B08B825D0B6F029183E3C04190D86AEE93AF12" = Windows Driver Package - Texas Instruments (usbser) Ports (05/01/2009 1.1.0.0)
"7-Zip" = 7-Zip 4.32
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe GoLive CS2 Deutsch" = Adobe GoLive CS2 Deutsch
"Audacity_is1" = Audacity 1.2.3
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BrettspielWelt" = BrettspielWelt
"Bridge_Base_Online" = Bridge Base Online
"Browser MOUSE" = Browser MOUSE
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F10001" = HDAUDIO Soft Data Fax Modem with SmartCP
"DC-Bass Source" = DC-Bass Source 1.1.1
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"Easy-WebPrint" = Easy-WebPrint
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Filzip 3.0.4.66_is1" = Filzip 3.04
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition (D)
"FLV Player" = FLV Player 2.0 (build 25)
"Free DVD MP3 Ripper_is1" = Free DVD MP3 Ripper 1.12
"GXTranscoder v2" = GXTranscoder v2
"HaaliMkx" = Haali Media Splitter
"ID3-TagIT 3_is1" = ID3-TagIT 3
"ie8" = Windows Internet Explorer 8
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"IrfanView" = IrfanView (remove only)
"KiCad" = KiCad 2007.07.09
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.2
"MeGUI modern media encoder" = MeGUI modern media encoder (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"SHOUTcast Source" = SHOUTcast Source (remove only)
"Songbird 20080819" = Songbird 0.7.0 (20080819)
"SpeedCommander 9" = SpeedCommander 9
"SUPER ©" = SUPER © Version 2006.19 (FIX)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysadmV10" = Sysadm
"TraXEx_is1" = TraXEx 3.3
"Trojancheck_is1" = Trojancheck 6
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Vidomi" = Vidomi (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"x264 Revision 527 x264.nl" = x264 Revision 527 x264.nl (remove only)
"XXClone" = XXClone ver 0.58.0
"ZoomPlayer" = Zoom Player (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"StarOffice 7" = StarOffice 7
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.12.2010 18:44:10 | Computer Name = PM740 | Source = MSDTC | ID = 4112
Description = Der Transaktions-Manager von MS DTC konnte nicht gestartet werde
Error - 03.12.2010 18:44:10 | Computer Name = PM740 | Source = MSDTC | ID = 4407
Description = Infrastruktur der MS DTC-Ablaufverfolgung: Fehler beim Leeren der
vorhandenen Ablaufverfolgungsdaten. Interne Informationen: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,
Line: 1715, QueryTrace Failed, hr=0x80071069
Error - 03.12.2010 18:44:11 | Computer Name = PM740 | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{fa57a275-c709-11da-803f-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 04.12.2010 04:45:26 | Computer Name = PM740 | Source = MSDTC | ID = 4404
Description = Infrastruktur der MS DTC-Ablaufverfolgung: Fehler beim Initialisieren
der Infrastruktur der Ablaufverfolgung. Interne Informationen: msdtc_trace : File:
d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp, Line: 1115, StartTrace Failed,
hr=0x800700a1
Error - 04.12.2010 04:45:26 | Computer Name = PM740 | Source = MSDTC | ID = 4163
Description = Die MS DTC-Protokolldatei wurde nicht gefunden. Stellen Sie sicher,
dass alle von MS DTC koordinierten Ressourcen-Manager frei von unsicheren Transaktionen
sind, und führen Sie dann "msdtc -resetlog" aus, um die Protokolldatei zu erstelle
Error - 04.12.2010 04:45:26 | Computer Name = PM740 | Source = MSDTC | ID = 4185
Description = Der Transaktions-Manager von MS DTC konnte nicht gestartet werden.
'LogInit' hat den Fehler 0x5 zurückgegebe
Error - 04.12.2010 04:45:26 | Computer Name = PM740 | Source = MSDTC | ID = 4112
Description = Der Transaktions-Manager von MS DTC konnte nicht gestartet werde
Error - 04.12.2010 04:45:26 | Computer Name = PM740 | Source = MSDTC | ID = 4407
Description = Infrastruktur der MS DTC-Ablaufverfolgung: Fehler beim Leeren der
vorhandenen Ablaufverfolgungsdaten. Interne Informationen: msdtc_trace : File: d:\comxp_sp3\com\com1x\dtc\dtc\trace\src\tracelib.cpp,
Line: 1715, QueryTrace Failed, hr=0x80071069
Error - 04.12.2010 08:08:53 | Computer Name = PM740 | Source = ESENT | ID = 490
Description = svchost (888) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 05.12.2010 17:08:46 | Computer Name = PM740 | Source = ESENT | ID = 490
Description = svchost (900) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
[ System Events ]
Error - 04.12.2010 08:36:20 | Computer Name = PM740 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 04.12.2010 08:37:38 | Computer Name = PM740 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
beendet: %%2
Error - 04.12.2010 08:37:38 | Computer Name = PM740 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
avgio avipbb Fips intelppm ssmdrv
Error - 04.12.2010 12:02:25 | Computer Name = PM740 | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 04.12.2010 14:27:17 | Computer Name = PM740 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 04.12.2010 16:49:15 | Computer Name = PM740 | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
Error - 04.12.2010 16:49:20 | Computer Name = PM740 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
beendet: %%2
Error - 05.12.2010 17:08:11 | Computer Name = PM740 | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
Error - 05.12.2010 17:08:15 | Computer Name = PM740 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
beendet: %%2
Error - 05.12.2010 17:15:46 | Computer Name = PM740 | Source = HTTP | ID = 15006
Description = Der Besitzer von Protokolldatei oder -verzeichnis "\SystemRoot\System32\LogFiles\HTTPERR"
ist ungültig. Möglicherweise hat ein anderer Benutzer die Protokolldatei bzw. das
-verzeichnis bereits erstellt.
< End of report > --- --- ---
Martin
War gestern mit Windows online. Habe neues malware und neue Virussignatur für Avira runtergeladen. Hatte nicht den Eindruck als würde mein Rechner Fremdgehen. Das passiert erst wenn ich Explorer bzw Mozilla lade. Habe aber Mozilla inzwischen irgendwie totgelegt weil ich seine splice Dateien in Verdacht hatte unfug zu machen. |