OTL Logfile: Code:
OTL logfile created on: 18.05.2011 22:15:42 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\xxx\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 85,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 67,05 Gb Total Space | 36,34 Gb Free Space | 54,20% Space Free | Partition Type: FAT32
Drive D: | 42,84 Gb Total Space | 42,83 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
Computer Name: MATTHIASFÖRSTER | User Name: Matthias Förster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\WINDOWS\system32\acovcnt.exe ()
PRC - C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe (T-Mobile)
PRC - C:\WINDOWS\ASScrPro.exe ()
PRC - C:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe (Option)
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\Wireless Console 2\wcourier.exe ()
PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Programme\PowerForPhone\PowerForPhone.exe ()
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\system32\StkCSrv.exe (Syntek America Inc.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe (Cognizance Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\system32\ASUSTPE.exe (ASUS)
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\system32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Programme\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\APSHook.dll (Cognizance Corporation)
========== Win32 Services (SafeList) ==========
SRV - (RoxLiveShare9) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (GtDetectSc) -- C:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe (Option)
SRV - (StkSSrv) -- C:\WINDOWS\system32\StkCSrv.exe (Syntek America Inc.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (ASBroker) -- C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ASChannel) -- C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll (Cognizance Corporation)
SRV - (LightScribeService) -- c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (GT72NDISIPXP) -- C:\WINDOWS\system32\drivers\Gt51Ip.sys (Option NV)
DRV - (GT72UBUS) -- C:\WINDOWS\system32\drivers\gt72ubus.sys (Option N.V.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (StkCMini) -- C:\WINDOWS\system32\drivers\StkCMini.sys (Syntek)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (GTPTSER) -- C:\WINDOWS\system32\drivers\gtptser.sys (Option N.V.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (kbfiltr) -- C:\WINDOWS\system32\drivers\kbfiltr.sys ( )
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys (ATK0100)
DRV - (IntcHdmiAddService) Intel(R) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (ItSDisk) -- C:\WINDOWS\system32\drivers\itsdisk.sys (Cognizance Corporation)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2010.12.21 02:26:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2010.12.21 02:26:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Programme\Mozilla Firefox\components [2008.02.05 20:00:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2008.02.05 20:00:16 | 000,000,000 | ---D | M]
[2008.09.08 14:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Extensions
[2008.02.05 20:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\o6il5tni.default\extensions
[2010.03.30 21:15:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\o6il5tni.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.09.20 15:50:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\o6il5tni.default\extensions\firefox@tvunetworks.com
[2010.10.25 15:56:54 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\o6il5tni.default\extensions\vshare@toolbar
[2008.02.05 20:00:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\xxx\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\O6IL5TNI.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\xxx\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\O6IL5TNI.DEFAULT\EXTENSIONS\FIREFOX@TVUNETWORKS.COM
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\xxx\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\O6IL5TNI.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2010.12.21 02:26:26 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2010.12.21 02:26:26 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010.06.29 06:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.11.22 23:58:44 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.11.22 23:58:44 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.11.22 23:58:44 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.11.22 23:58:44 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.11.22 23:58:44 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [ACMON] C:\Programme\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Arcor Online] File not found
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Live Update] C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ccApp] File not found
O4 - HKLM..\Run: [CognizanceTS] C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [DivX Download Manager] C:\Programme\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PowerForPhone] C:\Programme\PowerForPhone\PowerForPhone.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\Programme\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Programme\Wireless Console 2\wcourier.exe ()
O4 - HKCU..\Run: [MsnMsgr] File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\web'n'walk Manager.lnk = C:\Programme\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe (T-Mobile)
O4 - Startup: C:\Dokumente und Einstellungen\Matthias Förster\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk = C:\Programme\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll - C:\Programme\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.05 20:30:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{5d7ef986-6c5d-11dd-b5e2-001d60c6b485}\Shell - "" = AutoRun
O33 - MountPoints2\{5d7ef986-6c5d-11dd-b5e2-001d60c6b485}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5d7ef986-6c5d-11dd-b5e2-001d60c6b485}\Shell\AutoRun\command - "" = H:\setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Reader 10.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Google Updater.lnk - - File not found
MsConfig - StartUpReg: Arcor Online - hkey= - key= - File not found
MsConfig - StartUpReg: ASUS Camera ScreenSaver - hkey= - key= - C:\WINDOWS\ASScrProlog.exe ()
MsConfig - StartUpReg: ASUS Live Update - hkey= - key= - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MsConfig - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\WINDOWS\ASScrPro.exe ()
MsConfig - StartUpReg: ASUSTPE - hkey= - key= - File not found
MsConfig - StartUpReg: ATKOSD2 - hkey= - key= - File not found
MsConfig - StartUpReg: ccApp - hkey= - key= - File not found
MsConfig - StartUpReg: CognizanceTS - hkey= - key= - File not found
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
MsConfig - StartUpReg: IntelWireless - hkey= - key= - C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: PowerForPhone - hkey= - key= - C:\Programme\PowerForPhone\PowerForPhone.exe ()
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Programme\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: Skype - hkey= - key= - File not found
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SMSERIAL - hkey= - key= - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - File not found
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found
MsConfig - StartUpReg: Wireless Console 2 - hkey= - key= - C:\Programme\Wireless Console 2\wcourier.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)
========== Files/Folders - Created Within 30 Days ==========
[2011.05.18 21:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.05.18 21:05:05 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2011.05.18 21:05:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ERUNT
[2011.05.18 21:04:23 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Dokumente und Einstellungen\xxx\Desktop\erunt-setup.exe
[2011.05.18 20:41:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe
[2011.05.18 19:26:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Malwarebytes
[2011.05.18 19:26:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.05.18 19:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.05.18 19:26:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.05.18 19:26:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.05.18 19:26:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.18 19:24:43 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\xxx\Desktop\mbam-setup.exe
[2011.05.16 00:07:40 | 000,000,000 | -HSD | C] -- C:\FOUND.007
[2011.05.10 03:58:46 | 000,000,000 | -HSD | C] -- C:\FOUND.006
[2011.05.04 22:51:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Everest Poker
[2011.05.04 22:48:50 | 000,000,000 | ---D | C] -- C:\Programme\Everest Poker
[2011.04.28 23:07:24 | 000,000,000 | -HSD | C] -- C:\FOUND.005
[2011.04.20 11:17:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011.04.20 11:17:24 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2011.04.20 11:16:42 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.04.20 11:16:40 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.04.20 11:16:19 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2011.04.20 11:16:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.04.20 11:16:06 | 004,184,352 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2011.04.20 11:15:51 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.04.20 11:10:40 | 080,873,256 | ---- | C] (Apple Inc.) -- C:\Dokumente und Einstellungen\xxx\Desktop\iTunesSetup.exe
[2010.07.02 20:05:24 | 011,798,656 | ---- | C] (Nullsoft, Inc.) -- C:\Programme\winamp558_full_emusic-7plus_de-de.exe
[2010.06.14 01:57:32 | 000,986,904 | ---- | C] (DivX, Inc. ) -- C:\Programme\DivXInstaller8.exe
[2007.01.24 20:08:00 | 000,005,632 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.05.18 21:51:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[2011.05.18 21:49:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.18 21:49:32 | 2138,296,320 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.18 21:33:04 | 000,302,080 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\7i7o25bt.exe
[2011.05.18 21:08:08 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\defogger_reenable
[2011.05.18 21:07:00 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Defogger.exe
[2011.05.18 21:05:26 | 000,000,651 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk
[2011.05.18 21:05:06 | 000,000,495 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\NTREGOPT.lnk
[2011.05.18 21:05:06 | 000,000,476 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\ERUNT.lnk
[2011.05.18 21:04:14 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Dokumente und Einstellungen\xxx\Desktop\erunt-setup.exe
[2011.05.18 20:49:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe
[2011.05.18 19:26:12 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.18 19:24:58 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Matthias Förster\Desktop\mbam-setup.exe
[2011.05.16 00:07:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.05.05 13:31:04 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Microsoft Office Outlook 2011.lnk
[2011.05.04 22:51:30 | 000,001,489 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Everest Poker.lnk
[2011.05.04 22:48:30 | 001,188,688 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Everest Poker.exe
[2011.04.26 11:56:24 | 000,338,054 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\CASHANTRAG_20110426_115154_D0B179983A9DEBA33B7AA242642EF2A7cash_23648.pdf
[2011.04.20 11:17:28 | 000,001,426 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.04.20 11:16:22 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.04.20 11:12:44 | 080,873,256 | ---- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\xxx\Desktop\iTunesSetup.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.18 21:33:06 | 000,302,080 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\7i7o25bt.exe
[2011.05.18 21:07:51 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\defogger_reenable
[2011.05.18 21:07:04 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Defogger.exe
[2011.05.18 21:05:25 | 000,000,651 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk
[2011.05.18 21:05:05 | 000,000,495 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\NTREGOPT.lnk
[2011.05.18 21:05:05 | 000,000,476 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\ERUNT.lnk
[2011.05.18 19:26:10 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.04 22:51:29 | 000,001,489 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Everest Poker.lnk
[2011.05.04 22:48:34 | 001,188,688 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Everest Poker.exe
[2011.04.26 11:56:22 | 000,338,054 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\CASHANTRAG_20110426_115154_D0B179983A9DEBA33B7AA242642EF2A7cash_23648.pdf
[2011.04.20 11:17:27 | 000,001,426 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.03.21 22:50:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\acovcnt.exe
[2010.12.09 09:40:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.08 13:16:46 | 000,044,104 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.08.30 14:09:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.07.03 21:09:45 | 003,389,035 | ---- | C] () -- C:\Programme\eMule0.50a-Installer.exe
[2010.06.13 03:37:40 | 000,172,032 | ---- | C] () -- C:\WINDOWS\WsBtn.dll
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2008.11.10 00:50:06 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008.07.16 17:27:34 | 000,000,440 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.03.30 16:30:36 | 000,000,074 | ---- | C] () -- C:\WINDOWS\tm.ini
[2008.03.29 13:50:53 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.28 19:46:12 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.02.19 14:34:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.06 00:41:07 | 000,000,099 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008.02.05 22:46:19 | 000,001,142 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008.02.05 22:35:13 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2008.02.05 21:43:14 | 000,000,024 | ---- | C] () -- C:\WINDOWS\ATKPF.ini
[2008.02.05 20:00:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.11.05 21:26:30 | 000,037,232 | ---- | C] () -- C:\WINDOWS\ASScrProlog.exe
[2007.11.05 21:26:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.11.05 21:26:22 | 000,033,136 | ---- | C] () -- C:\WINDOWS\ASScrPro.exe
[2007.11.05 21:03:45 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2007.11.05 20:48:50 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.11.05 20:41:36 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007.11.05 20:41:36 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll
[2007.11.05 20:32:56 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2007.11.05 20:32:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.11.05 20:29:19 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.11.05 20:24:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.11.05 20:24:22 | 000,198,552 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.11.05 14:31:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007.11.05 14:31:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.05.30 10:51:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\StkUnist.exe
[2006.12.05 13:05:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2006.01.03 05:16:32 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005.04.03 10:30:00 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\scardsyn.dll
[2004.09.07 16:34:59 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004.09.07 16:34:59 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.09.07 16:34:17 | 000,320,668 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.09.07 16:34:17 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.09.07 16:34:17 | 000,049,570 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.09.07 16:34:17 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.09.07 16:34:02 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.09.07 16:34:00 | 000,314,842 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.09.07 16:34:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.09.07 16:34:00 | 000,041,170 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.09.07 16:34:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.09.07 16:33:59 | 000,004,487 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.09.07 16:33:57 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.09.07 16:33:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.09.07 16:33:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.09.07 16:33:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.09.07 16:33:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.09.07 16:33:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998.05.06 15:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ==========
[2008.03.30 16:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2010.09.15 16:43:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.11.23 15:47:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.12.23 01:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Screentime
[2008.02.05 20:48:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\LimeWire
[2008.03.28 19:36:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungenxxx\Anwendungsdaten\DAEMON Tools
[2008.03.29 13:54:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Azureus
[2010.06.24 03:37:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx
\Anwendungsdaten\OpenCandy
[2010.06.24 12:47:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Uniblue
[2010.12.21 02:26:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Local
[2011.03.23 23:45:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\MSNInstaller
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.12.20 00:52:54 | 000,000,000 | -HSD | M] -- C:\FOUND.000
[2010.12.20 01:05:22 | 000,000,000 | -HSD | M] -- C:\FOUND.001
[2010.12.24 00:57:10 | 000,000,000 | -HSD | M] -- C:\FOUND.002
[2010.12.24 12:25:46 | 000,000,000 | -HSD | M] -- C:\FOUND.003
[2011.02.04 22:12:54 | 000,000,000 | -HSD | M] -- C:\FOUND.004
[2011.04.20 11:16:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2011.04.28 23:07:24 | 000,000,000 | -HSD | M] -- C:\FOUND.005
[2011.05.10 03:58:46 | 000,000,000 | -HSD | M] -- C:\FOUND.006
[2011.05.16 00:07:40 | 000,000,000 | -HSD | M] -- C:\FOUND.007
[2007.11.05 20:20:06 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2007.11.05 20:23:54 | 000,000,000 | ---D | M] -- C:\SUPPORT
[2007.11.05 20:23:54 | 000,000,000 | ---D | M] -- C:\VALUEADD
[2007.11.05 20:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2007.11.05 20:29:56 | 000,000,000 | R--D | M] -- C:\Programme
[2007.11.05 20:32:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2007.11.05 20:41:32 | 000,000,000 | ---D | M] -- C:\Intel
[2007.11.05 14:31:16 | 000,000,000 | -HSD | M] -- C:\Recycled
[2008.03.28 19:41:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
< %PROGRAMFILES%\*.exe >
[2010.06.14 02:02:12 | 000,986,904 | ---- | M] (DivX, Inc. ) -- C:\Programme\DivXInstaller8.exe
[2010.07.02 20:06:06 | 011,798,656 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\winamp558_full_emusic-7plus_de-de.exe
[2010.07.03 21:09:52 | 003,389,035 | ---- | M] () -- C:\Programme\eMule0.50a-Installer.exe
< %PROGRAMFILES%\*. >
[2007.11.05 20:25:00 | 000,000,000 | ---D | M] -- C:\Programme\Gemeinsame Dateien
[2007.11.05 20:28:22 | 000,000,000 | ---D | M] -- C:\Programme\Windows NT
[2007.11.05 20:28:22 | 000,000,000 | ---D | M] -- C:\Programme\MSN
[2007.11.05 20:28:30 | 000,000,000 | ---D | M] -- C:\Programme\MSN Gaming Zone
[2007.11.05 20:28:30 | 000,000,000 | ---D | M] -- C:\Programme\Messenger
[2007.11.05 20:28:34 | 000,000,000 | ---D | M] -- C:\Programme\Windows Media Player
[2007.11.05 20:28:34 | 000,000,000 | ---D | M] -- C:\Programme\Online Services
[2007.11.05 20:29:04 | 000,000,000 | ---D | M] -- C:\Programme\ComPlus Applications
[2007.11.05 20:29:22 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer
[2007.11.05 20:29:24 | 000,000,000 | ---D | M] -- C:\Programme\Outlook Express
[2007.11.05 20:29:24 | 000,000,000 | ---D | M] -- C:\Programme\NetMeeting
[2007.11.05 20:29:26 | 000,000,000 | ---D | M] -- C:\Programme\Movie Maker
[2007.11.05 20:29:42 | 000,000,000 | ---D | M] -- C:\Programme\Online-Dienste
[2007.11.05 20:29:46 | 000,000,000 | -H-D | M] -- C:\Programme\WindowsUpdate
[2007.11.05 20:30:54 | 000,000,000 | ---D | M] -- C:\Programme\microsoft frontpage
[2007.11.05 20:30:54 | 000,000,000 | ---D | M] -- C:\Programme\xerox
[2007.11.05 20:36:34 | 000,000,000 | ---D | M] -- C:\Programme\Motorola
[2007.11.05 20:37:42 | 000,000,000 | -H-D | M] -- C:\Programme\Uninstall Information
[2007.11.05 20:43:52 | 000,000,000 | ---D | M] -- C:\Programme\Intel
[2007.11.05 20:48:32 | 000,000,000 | -H-D | M] -- C:\Programme\InstallShield Installation Information
[2007.11.05 20:48:32 | 000,000,000 | ---D | M] -- C:\Programme\Realtek
[2007.11.05 21:00:34 | 000,000,000 | ---D | M] -- C:\Programme\Fingerprint Sensor
[2007.11.05 21:00:42 | 000,000,000 | ---D | M] -- C:\Programme\ASUS Security Center
[2007.11.05 21:02:20 | 000,000,000 | ---D | M] -- C:\Programme\Wireless Console 2
[2007.11.05 21:05:46 | 000,000,000 | ---D | M] -- C:\Programme\ASUS
[2007.11.05 21:13:20 | 000,000,000 | ---D | M] -- C:\Programme\PowerForPhone
[2007.11.05 21:14:02 | 000,000,000 | ---D | M] -- C:\Programme\Toshiba
[2007.11.05 21:17:44 | 000,000,000 | ---D | M] -- C:\Programme\ASUSTek
[2007.11.05 21:17:44 | 000,000,000 | ---D | M] -- C:\Programme\CyberLink
[2007.11.05 21:18:54 | 000,000,000 | ---D | M] -- C:\Programme\Ahead
[2008.02.05 19:57:54 | 000,000,000 | ---D | M] -- C:\Programme\Google
[2008.02.05 20:00:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox
[2008.02.05 20:46:38 | 000,000,000 | ---D | M] -- C:\Programme\LimeWire
[2008.02.05 20:47:58 | 000,000,000 | ---D | M] -- C:\Programme\Java
[2008.02.05 22:19:34 | 000,000,000 | ---D | M] -- C:\Programme\Real
[2008.02.05 23:31:58 | 000,000,000 | ---D | M] -- C:\Programme\Alwil Software
[2008.02.06 01:34:24 | 000,000,000 | ---D | M] -- C:\Programme\MSXML 6.0
[2008.02.09 03:13:18 | 000,000,000 | ---D | M] -- C:\Programme\PokerStars.NET
[2008.02.19 14:31:12 | 000,000,000 | ---D | M] -- C:\Programme\VideoLAN
[2008.03.02 02:33:46 | 000,000,000 | ---D | M] -- C:\Programme\Full Tilt Poker
[2008.03.19 13:18:24 | 000,000,000 | ---D | M] -- C:\Programme\OpenOffice.org 2.3
[2008.03.28 19:43:56 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Office
[2008.03.28 19:45:06 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft.NET
[2008.03.29 13:53:22 | 000,000,000 | ---D | M] -- C:\Programme\Azureus
[2008.03.30 16:29:54 | 000,000,000 | ---D | M] -- C:\Programme\Akademische Arbeitsgemeinschaft
[2008.03.31 20:49:36 | 000,000,000 | ---D | M] -- C:\Programme\WinRAR
[2008.08.17 15:07:24 | 000,000,000 | ---D | M] -- C:\Programme\T-Mobile
[2008.11.11 02:15:18 | 000,000,000 | ---D | M] -- C:\Programme\MSXML 4.0
[2009.05.25 17:43:58 | 000,000,000 | ---D | M] -- C:\Programme\Full Tilt Poker.Net
[2010.06.14 02:03:00 | 000,000,000 | ---D | M] -- C:\Programme\DivX
[2010.06.24 03:37:04 | 000,000,000 | ---D | M] -- C:\Programme\DsNET Corp
[2010.06.24 03:37:36 | 000,000,000 | ---D | M] -- C:\Programme\WinPcap
[2010.07.02 20:07:04 | 000,000,000 | ---D | M] -- C:\Programme\Winamp
[2010.07.02 20:07:18 | 000,000,000 | ---D | M] -- C:\Programme\Winamp Detect
[2008.02.05 20:01:16 | 000,000,000 | ---D | M] -- C:\Programme\Matze Programme
[2010.07.03 21:10:20 | 000,000,000 | ---D | M] -- C:\Programme\eMule
[2010.08.25 22:55:12 | 000,000,000 | ---D | M] -- C:\Programme\Microids
[2010.11.23 15:46:12 | 000,000,000 | ---D | M] -- C:\Programme\QuickTime
[2011.04.17 19:23:30 | 000,000,000 | ---D | M] -- C:\Programme\Adobe
[2011.04.20 11:15:52 | 000,000,000 | ---D | M] -- C:\Programme\Bonjour
[2011.04.20 11:16:20 | 000,000,000 | ---D | M] -- C:\Programme\Apple Software Update
[2011.04.20 11:16:42 | 000,000,000 | ---D | M] -- C:\Programme\iTunes
[2011.04.20 11:16:44 | 000,000,000 | ---D | M] -- C:\Programme\iPod
[2011.05.04 22:48:52 | 000,000,000 | ---D | M] -- C:\Programme\Everest Poker
[2011.05.18 19:26:06 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.18 21:05:06 | 000,000,000 | ---D | M] -- C:\Programme\ERUNT
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 14:21:46 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: REGEDIT.EXE >
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\I386\REGEDIT.EXE
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-12 01:02:35
< >
< End of report > --- --- --- |