viele Viren/Trojaner-Funde in letzter Zeit
In letzter Zeit haben sich leider die Viren/Trojaner-Funde auf meinem Rechner gehäuft. Bis jetzt gab es noch keine anderen Auffälligkeiten auf meinem Rechner.
Der AviraGuard fand in den letzten Tagen das:
GEN/PwdZIP(WinMuollo)
TR/PSW.Zbot.290
TR/Crypt.XPACK.Gen2
TR/Dldr.Agent....(verschiedene Varianten)
Ein Vollscan mit Avira fand gestern das:
C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\54\424d6b36-3a3aacdc
[0] Archivtyp: ZIP
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.DD
--> direct/bear.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.DD
Ein heutiger Vollscan fand nichts. Ein Quickscan mit Malwarebytes fand ebenfalls nichts.
Ein Vollscan mit Superantspyware fand leider das: Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 02/24/2011 at 01:10 PM
Application Version : 4.49.1000
Core Rules Database Version : 6465
Trace Rules Database Version: 4277
Scan type : Complete Scan
Total Scan Time : 00:57:54
Memory items scanned : 287
Memory threats detected : 0
Registry items scanned : 6471
Registry threats detected : 0
File items scanned : 66010
File threats detected : 11
Adware.Tracking Cookie
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@content.yieldmanager[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@invitemedia[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@ads.adk2[2].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@adply.plymedia[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@atdmt[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@kaspersky.122.2o7[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@ads.nba[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@ad2.adfarm1.adition[1].txt
C:\Dokumente und Einstellungen\karsten66\Cookies\karsten66@adfarm1.adition[2].txt
Trojan.Agent/Gen-FakeAV
C:\PROGRAMME\WINRAR\DEFAULT.SFX
Trojan.Agent/Gen-Hack
C:\SYSTEM VOLUME INFORMATION\_RESTORE{85D6A6E6-0790-4D0D-8D6E-934F37B14645}\RP457\A0190487.EXE
Hier die OTL-Logfiles: Code:
OTL logfile created on: 24.02.2011 13:36:55 - Run 3
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Dokumente und Einstellungen\karsten66\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 5,88 Gb Free Space | 20,09% Space Free | Partition Type: NTFS
Drive D: | 9,87 Gb Total Space | 9,81 Gb Free Space | 99,47% Space Free | Partition Type: NTFS
Drive E: | 88,83 Gb Total Space | 54,44 Gb Free Space | 61,28% Space Free | Partition Type: NTFS
Drive G: | 170,10 Gb Total Space | 167,73 Gb Free Space | 98,61% Space Free | Partition Type: NTFS
Computer Name: KARSTEN | User Name: karsten66 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\FlashGet Network\FlashGet 3\Flashget3.exe (Trend Media Corporation Limited)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.7.4
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.68
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2011.02.11 11:03:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.02.01 19:47:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.02.09 12:31:56 | 000,000,000 | ---D | M]
[2008.11.18 20:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Extensions
[2011.02.24 13:17:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions
[2010.11.19 00:13:57 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.10.13 07:25:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.02.18 09:40:07 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011.02.21 22:52:04 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.02.21 22:47:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.19 16:39:53 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2011.02.18 09:39:57 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.04.11 13:57:58 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\firefox@tvunetworks.com
[2010.12.12 22:15:45 | 000,000,000 | ---D | M] (vShare) -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Mozilla\Firefox\Profiles\as3xe6sq.default\extensions\vshare@toolbar
[2011.02.24 09:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.11 11:03:10 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAMME\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
[2008.11.19 17:17:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.03.11 23:43:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.11 23:43:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.11 23:43:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.11 23:43:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.11 23:43:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2001.08.23 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Ashampoo AntiSpyWare 2 Guard] File not found
O4 - HKCU..\Run: [FlashGet] File not found
O4 - HKCU..\Run: [FlashGet 3] C:\Programme\FlashGet Network\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [Guiloc] C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Adobe\Update\dxfor.exe ()
O4 - HKCU..\Run: [Padcsc] C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Realxml\freereg.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all by FlashGet3 - C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.18 16:07:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.02.24 13:35:15 | 000,577,024 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\karsten66\Desktop\OTL.exe
[2011.02.23 15:10:15 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2011.02.23 15:10:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2011.02.19 18:29:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Lyezo
[2011.02.19 15:46:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Startmenü\Programme\FlashGet 3.7
[2011.02.19 15:19:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGet
[2011.02.19 15:19:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO
[2011.02.09 12:09:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\QuickScan
[2011.02.01 17:27:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\SUPERAntiSpyware.com
[2011.02.01 17:27:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2011.02.01 17:26:51 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.02.01 16:33:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Realxml
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.02.24 13:35:17 | 000,015,541 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2011.02.24 13:34:38 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\karsten66\Desktop\OTL.exe
[2011.02.24 13:16:41 | 000,199,213 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.02.24 13:16:38 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.02.24 13:16:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.02.24 01:11:08 | 000,002,492 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2011.02.23 15:32:39 | 000,000,245 | RHS- | M] () -- C:\boot.ini
[2011.02.20 09:35:49 | 000,013,916 | ---- | M] () -- C:\Dokumente und Einstellungen\karsten66\20110220093548.torrent.filelist
[2011.02.20 09:33:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.02.19 21:37:17 | 000,001,124 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011.02.19 15:20:03 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2011.02.19 15:12:00 | 000,017,146 | ---- | M] () -- C:\Dokumente und Einstellungen\karsten66\20110220093548.torrent
[2011.02.09 12:41:38 | 000,215,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.09 12:14:54 | 000,000,036 | ---- | M] () -- C:\Dokumente und Einstellungen\karsten66\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.02.24 13:35:17 | 000,015,541 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2011.02.20 09:35:49 | 000,013,916 | ---- | C] () -- C:\Dokumente und Einstellungen\karsten66\20110220093548.torrent.filelist
[2011.02.20 09:35:48 | 000,017,146 | ---- | C] () -- C:\Dokumente und Einstellungen\karsten66\20110220093548.torrent
[2011.02.19 16:39:09 | 000,002,492 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011.02.19 15:20:03 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011.02.09 12:14:54 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\karsten66\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2010.04.07 12:18:35 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.05 18:42:41 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009.03.15 17:37:31 | 000,001,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.20 18:46:43 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.12.14 23:10:37 | 000,000,204 | ---- | C] () -- C:\WINDOWS\struct~.ini
[2008.12.10 01:37:59 | 000,000,349 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2008.12.10 01:37:56 | 000,004,434 | ---- | C] () -- C:\WINDOWS\irremote.ini
[2008.12.01 11:00:42 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.11.22 09:55:17 | 000,000,088 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\53CBE39A31.sys
[2008.11.22 09:55:11 | 000,002,516 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys
[2008.11.21 15:04:17 | 000,013,824 | ---- | C] () -- C:\Dokumente und Einstellungen\karsten66\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.20 19:55:31 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.11.20 19:55:31 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008.11.20 19:55:29 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.11.19 18:05:49 | 000,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll1
[2008.11.19 06:08:36 | 000,011,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\UimFIO.sys
[2008.11.19 06:08:21 | 004,244,744 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll
[2008.11.19 06:08:21 | 000,247,560 | ---- | C] () -- C:\WINDOWS\System32\prgiso.dll
[2008.11.19 06:08:21 | 000,013,576 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2008.11.18 23:38:48 | 000,000,846 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2008.11.18 23:38:48 | 000,000,032 | ---- | C] () -- C:\WINDOWS\HCWBTDLG.INI
[2008.11.18 16:13:51 | 000,002,996 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.11.18 16:13:50 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.11.18 15:57:46 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.10.04 09:14:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.10.04 09:14:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.10.04 09:14:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.10.04 09:14:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.10.04 09:14:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.08.16 05:23:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\gpyapi.dll
[2006.09.13 12:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll
========== LOP Check ==========
[2008.11.19 07:00:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2010.04.07 12:26:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2010.10.18 07:22:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2008.12.08 17:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2010.10.17 18:46:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.04.07 12:24:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2008.11.19 06:12:18 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F7580713-8151-4F6D-8535-6B0CC9878743}
[2008.11.24 14:14:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Ashampoo
[2011.02.24 01:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\BITS
[2008.12.02 09:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Bitstream
[2010.06.26 09:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\CheckPoint
[2008.12.08 15:12:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Desktop Maestro
[2011.02.19 15:19:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGet
[2011.02.19 15:46:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\FlashGetBHO
[2008.11.24 13:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\GetRightToGo
[2011.02.23 13:59:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Lyezo
[2008.11.29 17:40:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\OpenOffice.org
[2010.12.11 11:47:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Powyog
[2011.02.21 21:08:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\QuickScan
[2010.12.11 12:06:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\Uviq
[2010.11.06 23:49:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\karsten66\Anwendungsdaten\vShare
[2011.02.24 13:16:38 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 135 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:1048AE9D
< End of report >
Code:
OTL Extras logfile created on: 24.02.2011 13:36:55 - Run 3
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Dokumente und Einstellungen\karsten66\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 5,88 Gb Free Space | 20,09% Space Free | Partition Type: NTFS
Drive D: | 9,87 Gb Total Space | 9,81 Gb Free Space | 99,47% Space Free | Partition Type: NTFS
Drive E: | 88,83 Gb Total Space | 54,44 Gb Free Space | 61,28% Space Free | Partition Type: NTFS
Drive G: | 170,10 Gb Total Space | 167,73 Gb Free Space | 98,61% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Programme\SopCast\adv\SopAdver.exe" = C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Programme\SopCast\SopCast.exe" = C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Programme\Steam\steamapps\kamitt\half-life 2 deathmatch\hl2.exe" = C:\Programme\Steam\steamapps\kamitt\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- ()
"C:\Programme\TVAnts\Tvants.exe" = C:\Programme\TVAnts\Tvants.exe:*:Enabled:TVAnts
"C:\Programme\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Programme\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Programme\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Programme\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Programme\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Programme\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 17
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}" = Paragon Partition Manager 9.0 Personal
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{708C3C8B-A637-4AF5-9749-8F2914CA6B23}" = HARDiNFO 2008 Professional
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{989112B0-74DB-4A40-932F-580049CD0B97}" = Visual Basic for Applications (R) Core - German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE94D3CF-8435-42E6-B1A3-D13917ABCF04}" = TOM Live Player
"{D155D300-C235-44FC-981C-F7B34683439C}" = Paragon Drive Backup 8.51 Professional Trial
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EDF3EEF2-F0B9-440B-B8B9-A61F2DA8C78A}" = fortePivot
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAF88B432344413595BB2DED98385684}" = DivX User Guide
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 2008 Advanced_is1" = Ashampoo Burning Studio 2008 Advanced
"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2
"Ashampoo Magical Security 2_is1" = Ashampoo Magical Security 2.01
"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.30
"Ashampoo UnInstaller Platinum 2_is1" = Ashampoo UnInstaller Platinum 2.81
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Desktop Maestro_is1" = Desktop Maestro 3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Driver Magician_is1" = Driver Magician 3.32
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Exterminate It!" = Exterminate It!
"FlashGet 3.7" = FlashGet 3.7
"Fraps" = Fraps
"HARDiNFO 2008 Professional" = HARDiNFO 2008 Professional
"Hauppauge SnapShot and WinTVCap" = Hauppauge SnapShot and WinTVCap
"Hauppauge WinTV2000" = Hauppauge WinTV2000
"HDD Health_is1" = HDD Health v3.3 Beta
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"No One Lives Forever Demo" = No One Lives Forever Demo
"NVIDIA Drivers" = NVIDIA Drivers
"Online Manuals for WinTV (German)" = Online Manuals for WinTV (German)
"RADVideo" = RAD Video Tools
"RealAlt_is1" = Real Alternative 2.0.1
"SereneScreen Marine Aquarium Crystal_is1" = SereneScreen Marine Aquarium Crystal
"SopCast" = SopCast 3.3.2
"ST6UNST #1" = NG Center
"ST6UNST #2" = NG Center (C:\Programme\NG_CENTER\)
"ST6UNST #3" = NG Center (C:\Programme\NG_CENTER\) #3
"ST6UNST #4" = NG Center (C:\Programme\NG_CENTER\) #4
"ST6UNST #5" = NG Center (C:\Programme\NG_CENTER\) #5
"SystemRequirementsLab" = System Requirements Lab
"Tomb Raider Level Editor" = Tomb Raider Level Editor
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.1
"vShare" = vShare Plugin
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"wm8eutil" = Windows Media 8 Encoding Utility
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Xvid_is1" = Xvid 1.2.1 final uninstall
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Audacity_is1" = Audacity 1.2.6
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
|
