[code]
OTScanIt2 logfile created on: 14.12.2008 23:14:21 - Run 1
OTScanIt2 by OldTimer - Version 1.0.3.1 Folder = C:\Dokumente und Einstellungen\Administrator\Desktop\OTScanIt2
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1022,42 Mb Total Physical Memory | 593,33 Mb Available Physical Memory | 58,03% Memory free
2,40 Gb Paging File | 1,75 Gb Available in Paging File | 72,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 34,93 Gb Total Space | 11,81 Gb Free Space | 33,80% Space Free | Partition Type: NTFS
Drive D: | 39,60 Gb Total Space | 4,86 Gb Free Space | 12,27% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTE2006
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
avgnt.exe -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avgnt.exe -> [2008.06.12 13:28:40 | 00,266,497 | ---- | M] (Avira GmbH)
avguard.exe -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avguard.exe -> [2008.10.15 13:29:58 | 00,151,297 | ---- | M] (Avira GmbH)
avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2008.12.14 03:20:09 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.)
googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008.10.29 17:06:22 | 00,168,432 | ---- | M] (Google)
hphipm11.exe -> %SystemRoot%\system32\hphipm11.exe -> [2002.05.24 13:46:13 | 00,077,824 | ---- | M] (HP)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008.08.23 06:56:15 | 00,635,848 | ---- | M] (Microsoft Corporation)
isbmgr.exe -> %ProgramFiles%\Sony\ISB Utility\ISBMgr.exe -> [2004.02.20 14:12:34 | 00,032,768 | ---- | M] (Sony Corporation)
msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation)
msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe -> [2007.10.18 11:34:34 | 05,724,184 | ---- | M] (Microsoft Corporation)
nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> [2006.04.21 17:03:34 | 00,094,208 | ---- | M] (Nero AG)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008.12.12 09:24:20 | 00,477,184 | ---- | M] (OldTimer Tools)
pctsauxs.exe -> %ProgramFiles%\Spyware Doctor\pctsAuxs.exe -> [2008.06.13 15:29:14 | 00,356,920 | ---- | M] (PC Tools)
pctssvc.exe -> %ProgramFiles%\Spyware Doctor\pctsSvc.exe -> [2008.08.07 12:12:38 | 01,073,544 | ---- | M] (PC Tools)
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> [2004.11.02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2004.08.06 16:42:36 | 00,139,264 | ---- | M] (Intel Corporation)
runservice.exe -> %SystemRoot%\Runservice.exe -> [2008.09.29 17:03:38 | 00,002,560 | ---- | M] ()
sched.exe -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\sched.exe -> [2008.10.15 13:31:50 | 00,068,865 | ---- | M] (Avira GmbH)
spmgr.exe -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe -> [2004.10.21 19:12:48 | 00,184,320 | ---- | M] (Sony Corporation)
usnsvc.exe -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007.10.18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
vesmgr.exe -> %ProgramFiles%\Sony\VAIO Event Service\VESMgr.exe -> [2004.09.30 10:54:20 | 00,150,016 | ---- | M] (Sony Corporation)
vsmon.exe -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> [2008.07.09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
winstylerthemesvc.exe -> %ProgramFiles%\TuneUpUtilities2006\WinStylerThemeSvc.exe -> [2005.08.24 02:29:52 | 00,118,272 | ---- | M] (TuneUp Software GmbH)
wlanutil.exe -> %ProgramFiles%\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe -> [2004.04.23 11:26:50 | 00,364,544 | ---- | M] ()
wlloginproxy.exe -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WLLoginProxy.exe -> [2007.09.20 10:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation)
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> [2008.07.09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC)

[Win32 Services - Safe List]
(6to4) IPv6-Hilfsdienst [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\6to4svc.dll -> [2006.08.16 12:58:06 | 00,100,352 | ---- | M] (Microsoft Corporation)
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2006.12.21 23:23:22 | 00,072,704 | ---- | M] (Adobe Systems)
(AntiVirScheduler) Avira AntiVir Personal - Free Antivirus Planer [Win32_Own | Auto | Running] -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\sched.exe -> [2008.10.15 13:31:50 | 00,068,865 | ---- | M] (Avira GmbH)
(AntiVirService) Avira AntiVir Personal - Free Antivirus Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avguard.exe -> [2008.10.15 13:29:58 | 00,151,297 | ---- | M] (Avira GmbH)
(aspnet_state) ASP.NET-Zustandsdienst [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007.10.24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2008.12.14 03:20:09 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007.10.24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(EvtEng) EvtEng [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2004.08.06 16:43:12 | 00,086,016 | ---- | M] (Intel Corporation)
(GoogleDesktopManager-061008-081103) Google Desktop Manager 5.7.806.10245 [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008.09.23 15:14:39 | 00,029,744 | ---- | M] (Google)
(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008.10.29 17:06:22 | 00,168,432 | ---- | M] (Google)
(helpsvc) Hilfe und Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2006.06.01 20:06:00 | 00,038,912 | ---- | M] (Microsoft Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> [2005.11.14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation)
(kavsvc) kavsvc [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe -> [2005.08.04 15:00:54 | 00,958,570 | ---- | M] (Kaspersky Lab)
(LicCtrlService) LicCtrl Service [Win32_Own | Auto | Running] -> %SystemRoot%\Runservice.exe -> [2008.09.29 17:03:38 | 00,002,560 | ---- | M] ()
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\nvsvc32.exe -> [2004.11.05 13:05:00 | 00,127,043 | ---- | M] (NVIDIA Corporation)
(NWCWorkstation) Client Service für NetWare [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\nwwks.dll -> [2006.10.13 13:35:14 | 00,065,536 | ---- | M] (Microsoft Corporation)
(O&O Defrag) O&O Defrag [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\oodag.exe -> [2005.05.11 03:09:54 | 00,225,280 | ---- | M] (O&O Software GmbH)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003.07.28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(Pml Driver HPH11) Pml Driver HPH11 [Win32_Own | On_Demand | Running] -> %SystemRoot%\system32\hphipm11.exe -> [2002.05.24 13:46:13 | 00,077,824 | ---- | M] (HP)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\HPZipm12.exe -> [2004.09.29 12:14:36 | 00,069,632 | ---- | M] (HP)
(PnkBstrA) PnkBstrA [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\PnkBstrA.exe -> [2007.10.21 11:17:15 | 00,066,872 | ---- | M] ()
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2004.08.06 16:42:36 | 00,139,264 | ---- | M] (Intel Corporation)
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2004.08.06 16:45:44 | 00,360,521 | ---- | M] (Intel Corporation )
(sdAuxService) PC Tools Auxiliary Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\pctsAuxs.exe -> [2008.06.13 15:29:14 | 00,356,920 | ---- | M] (PC Tools)
(sdCoreService) PC Tools Security Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\pctsSvc.exe -> [2008.08.07 12:12:38 | 01,073,544 | ---- | M] (PC Tools)
(TUWinStylerThemeSvc) TuneUp WinStyler Theme Service [Win32_Own | Auto | Running] -> %ProgramFiles%\TuneUpUtilities2006\WinStylerThemeSvc.exe -> [2005.08.24 02:29:52 | 00,118,272 | ---- | M] (TuneUp Software GmbH)
(usnjsvc) Messenger USN Journal Reader-Service für freigegebene Ordner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007.10.18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(VAIO Event Service) VAIO Event Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\VAIO Event Service\VESMgr.exe -> [2004.09.30 10:54:20 | 00,150,016 | ---- | M] (Sony Corporation)
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> [2008.07.09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007.10.25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Windows Media Player-Netzwerkfreigabedienst [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006.11.03 08:56:28 | 00,920,576 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\WudfSvc.dll -> [2006.09.28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(ACEDRV07) ACEDRV07 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ACEDRV07.sys -> [2007.10.19 10:52:47 | 00,101,376 | ---- | M] (Protect Software GmbH)
(ACEDRV08) ACEDRV08 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ACEDRV08.sys -> [2007.03.06 13:25:00 | 00,108,768 | ---- | M] (Protect Software GmbH)
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.0.1 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> [2006.12.22 00:40:36 | 00,017,056 | ---- | M] (Meetinghouse Data Communications)
(AFS2K) AFS2K [Kernel | System | Running] -> %SystemRoot%\System32\drivers\AFS2K.SYS -> [2008.01.10 20:01:09 | 00,082,380 | ---- | M] (Oak Technology Inc.)
(Am772) IEEE 802.11b Wireless LAN Cardbus Card Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\WLANNDS.sys -> [2003.08.20 08:20:28 | 00,152,878 | R--- | M] (Advanced Micro Devices Inc.)
(atksgt) atksgt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\atksgt.sys -> [2008.10.13 11:09:46 | 00,271,360 | ---- | M] ()
(avgio) avgio [Kernel | System | Running] -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avgio.sys -> [2007.02.27 14:24:55 | 00,011,840 | ---- | M] (Avira GmbH)
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avgldx86.sys -> [2008.12.14 03:20:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> %SystemRoot%\system32\drivers\avgmfx86.sys -> [2008.12.14 03:20:27 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgntflt) avgntflt [File_System | On_Demand | Running] -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -> [2008.05.20 15:29:43 | 00,052,032 | ---- | M] (Avira GmbH)
(avipbb) avipbb [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avipbb.sys -> [2008.10.30 10:21:03 | 00,075,072 | ---- | M] (Avira GmbH)
(bdacap) PC-DTV Receiver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\bdacap.sys -> [2006.02.14 10:24:20 | 00,217,728 | R--- | M] (Genesys Logic, Inc.)
(DMICall) Sony DMI Call service [Kernel | System | Running] -> %SystemRoot%\system32\drivers\DMICall.sys -> [2000.12.05 16:18:02 | 00,003,952 | R--- | M] (Sony Corporation)
(Dot4 HPH11) Dot4 HPH11 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hphid411.sys -> [2002.05.24 13:46:13 | 00,050,896 | ---- | M] (HP)
(Dot4Print HPH11) Print Class Driver for IEEE-1284.4 HPH11 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hphipr11.sys -> [2002.05.24 13:46:13 | 00,016,112 | ---- | M] (HP)
(Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hphs2k11.sys -> [2002.05.24 13:46:13 | 00,050,276 | ---- | M] (Hewlett-Packard)
(Dot4Usb HPH11) Dot4Usb HPH11 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hphius11.sys -> [2002.05.24 13:46:13 | 00,018,928 | ---- | M] (HP)
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\e100b325.sys -> [2006.06.01 20:06:00 | 00,154,112 | ---- | M] (Intel Corporation)
(enodpl) enodpl [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\enodpl.sys -> [2003.03.02 17:44:26 | 00,007,552 | ---- | M] ()
(EPUSBSTOR) EPSON USB Storage Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\epusbsto.sys -> [2001.09.10 00:00:00 | 00,017,976 | ---- | M] (SEIKO EPSON CORPORATION)
(FWLANUSB) AVM FRITZ!WLAN [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fwlanusb.sys -> [2006.04.06 00:00:00 | 00,264,704 | ---- | M] (AVM GmbH)
(GcKernel) Microsoft SideWinder Value Add - Filtertreiber [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\GcKernel.sys -> [2004.08.03 22:08:30 | 00,059,136 | ---- | M] (Microsoft Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> [2004.08.12 17:45:54 | 00,137,728 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HIDSwvd) Microsoft SideWinder-Minitreiber für virtuelles HID-Gerät [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HIDSwvd.sys -> [2001.08.17 13:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWAZL.sys -> [2004.09.08 03:37:10 | 00,161,024 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2004.09.08 03:36:20 | 01,041,536 | ---- | M] (Conexant Systems, Inc.)
(IKFileSec) File Security Driver [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\ikfilesec.sys -> [2008.06.02 15:19:12 | 00,042,376 | ---- | M] (PCTools Research Pty Ltd.)
(IkSysFlt) System Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\iksysflt.sys -> [2008.06.02 15:19:16 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.)
(IKSysSec) System Security Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\iksyssec.sys -> [2008.06.10 21:22:52 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2004.11.03 10:15:00 | 02,301,568 | R--- | M] (Realtek Semiconductor Corp.)
(kbdhid) Tastatur-HID-Treiber [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2004.08.03 23:46:12 | 00,014,848 | ---- | M] (Microsoft Corporation)
(Kl1) Kl1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kl1.sys -> [2005.08.04 14:41:01 | 00,018,795 | ---- | M] (Kaspersky Lab)
(Klif) Klif [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2005.08.04 15:01:34 | 00,129,808 | ---- | M] (Kaspersky Labs)
(Klmc) Klmc [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klmc.sys -> [2005.08.04 15:01:36 | 00,010,995 | ---- | M] (Kaspersky Lab)
(lirsgt) lirsgt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\lirsgt.sys -> [2008.10.13 11:09:37 | 00,018,048 | ---- | M] ()
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2004.03.17 04:04:14 | 00,013,059 | ---- | M] (Conexant)
(MPE) BDA MPE-Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MPE.sys -> [2004.08.03 22:10:14 | 00,015,360 | ---- | M] (Microsoft Corporation)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2004.11.05 13:05:00 | 03,293,952 | ---- | M] (NVIDIA Corporation)
(NwlnkIpx) NWLink IPX/SPX/NetBIOS-kompatibles Transportprotokoll [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\nwlnkipx.sys -> [2006.06.01 20:06:00 | 00,088,448 | ---- | M] (Microsoft Corporation)
(NwlnkNb) NWLink-NetBIOS [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\nwlnknb.sys -> [2006.06.01 20:06:00 | 00,063,232 | ---- | M] (Microsoft Corporation)
(NwlnkSpx) NWLink SPX/SPXII-Protokoll [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\nwlnkspx.sys -> [2006.06.01 20:06:00 | 00,055,936 | ---- | M] (Microsoft Corporation)
(NWRDR) NetWare Rdr [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\nwrdr.sys -> [2006.10.13 11:23:15 | 00,163,584 | ---- | M] (Microsoft Corporation)
(Ptilink) Treiber für direkte Parallelverbindung [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2006.06.01 20:06:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006.08.16 02:00:00 | 00,036,592 | ---- | M] (Sonic Solutions)
(QV2KUX) Casio-Digitalkamera [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\qv2kux.sys -> [2001.08.17 13:53:32 | 00,003,328 | ---- | M] (Microsoft Corporation)
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> [2004.08.06 16:44:14 | 00,011,354 | ---- | M] (Intel Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007.11.13 11:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sfdrv01) StarForce Protection Environment Driver (version 1.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfdrv01.sys -> [2006.03.26 13:22:14 | 00,051,200 | ---- | M] (Protection Technology (StarForce))
(sfhlp02) StarForce Protection Helper Driver (version 2.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfhlp02.sys -> [2006.03.13 10:38:23 | 00,006,656 | ---- | M] (Protection Technology (StarForce))
(sfsync02) StarForce Protection Synchronization Driver (version 2.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfsync02.sys -> [2004.11.29 19:14:30 | 00,019,648 | ---- | M] (Protection Technology)
(sfsync04) StarForce Protection Synchronization Driver (version 4.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfsync04.sys -> [2006.03.24 17:27:01 | 00,050,176 | ---- | M] (Protection Technology (StarForce))
(sfvfs02) StarForce Protection VFS Driver (version 2.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfvfs02.sys -> [2005.11.03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology)
(SNC) Sony Notebook-Steuergerät [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SonyNC.sys -> [2001.08.17 12:51:20 | 00,020,752 | ---- | M] (Sony Corporation)
(srescan) srescan [Kernel | Boot | Running] -> %SystemRoot%\system32\ZoneLabs\srescan.sys -> [2008.02.27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC)
(ssmdrv) ssmdrv [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ssmdrv.sys -> [2007.11.08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH)
(tandpl) tandpl [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tandpl.sys -> [2003.04.19 00:32:04 | 00,004,736 | ---- | M] ()
(Tcpip6) Microsoft IPv6-Protokolltreiber [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tcpip6.sys -> [2008.06.20 10:52:06 | 00,225,920 | ---- | M] (Microsoft Corporation)
(tunmp) Microsoft Tun-Miniportadaptertreiber [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tunmp.sys -> [2006.06.01 20:06:00 | 00,012,416 | ---- | M] (Microsoft Corporation)
(VL807) VL807 Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\VL807.sys -> [2007.04.10 02:35:44 | 00,022,144 | ---- | M] ()
(vsdatant) vsdatant [Kernel | System | Running] -> %SystemRoot%\system32\vsdatant.sys -> [2008.07.09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC)
(w29n51) Intel(R) PRO/Wireless 2200BG Netzwerkverbindungstreiber für Windows XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\w29n51.sys -> [2004.08.07 18:51:04 | 03,210,496 | ---- | M] (Intel® Corporation)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2004.09.08 03:36:54 | 00,685,184 | ---- | M] (Conexant Systems, Inc.)
(ZD1211U(ZyDAS)) IEEE 802.11g USB Wireless LAN Driver(ZyDAS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ZD1211U.sys -> [2004.04.24 16:08:34 | 00,210,944 | ---- | M] (ZyDAS Technology Corporation)
(ZDPNDIS5) ZDPNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\ZDPNDIS5.sys -> [2004.01.14 11:30:00 | 00,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms} ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/keyword/%s ->
HKEY_CURRENT_USER\: URLSearchHooks\\"{97ac393a-a525-4cd0-95cf-019b028cc7a4}" [HKLM] -> %ProgramFiles%\Peer2Peer-DE\tbPeer.dll [Peer2Peer-DE Toolbar] -> File not found
HKEY_CURRENT_USER\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar mit Pop-Up-Blocker] -> [2006.10.26 11:28:40 | 00,440,384 | ---- | M] (Yahoo! Inc.)
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> fritz.box;192.168.178.1 ->
< FireFox Settings [Default Profile] > -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\FireFox\Profiles\ns2fcwum.default\prefs.js ->
browser.search.defaultenginename -> "Google" ->
browser.search.defaulturl -> "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" ->
browser.search.selectedEngine -> "Google" ->
browser.startup.homepage -> "http://de.yahoo.com" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.1" ->
extensions.enabledItems -> {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W ->
extensions.enabledItems -> {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05 ->
extensions.enabledItems -> {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910 ->
extensions.enabledItems -> {3f963a5b-e555-4543-90e2-c3908898db71}:8.0 ->
extensions.enabledItems -> {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080718 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1 ->
< HOSTS File > (4188 bytes and 92 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar Helper] -> [2006.10.26 11:28:40 | 00,440,384 | ---- | M] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006.10.22 22:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKLM] -> %ProgramFiles%\MegauploadToolbar\megauploadtoolbar.dll [Megaupload Toolbar] -> [2007.08.17 14:03:52 | 01,933,256 | ---- | M] (MEGAUPLOAD )
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008.02.22 04:25:19 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Anmelde-Hilfsprogramm] -> [2007.09.20 10:30:18 | 00,328,752 | ---- | M] (Microsoft Corporation)
{97ac393a-a525-4cd0-95cf-019b028cc7a4} [HKLM] -> %ProgramFiles%\Peer2Peer-DE\tbPeer.dll [Peer2Peer-DE Toolbar] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar2.dll [Google Toolbar Helper] -> [2007.08.21 18:38:58 | 02,427,968 | R--- | M] (Google Germany GmbH)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [Google Toolbar Notifier BHO] -> [2008.10.29 17:06:26 | 00,652,784 | ---- | M] (Google Inc.)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar Helper] -> [2007.10.19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} [HKLM] -> %ProgramFiles%\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [ZoneAlarm Spy Blocker BHO] -> [2008.11.09 22:01:21 | 00,262,144 | ---- | M] (ZoneAlarm)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> [2007.08.21 18:38:58 | 02,427,968 | R--- | M] (Google Germany GmbH)
"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" [HKLM] -> %ProgramFiles%\MegauploadToolbar\megauploadtoolbar.dll [Megaupload Toolbar] -> [2007.08.17 14:03:52 | 01,933,256 | ---- | M] (MEGAUPLOAD )
"{97ac393a-a525-4cd0-95cf-019b028cc7a4}" [HKLM] -> %ProgramFiles%\Peer2Peer-DE\tbPeer.dll [Peer2Peer-DE Toolbar] -> File not found
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007.10.19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar mit Pop-Up-Blocker] -> [2006.10.26 11:28:40 | 00,440,384 | ---- | M] (Yahoo! Inc.)
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}" [HKLM] -> %ProgramFiles%\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [ZoneAlarm Spy Blocker] -> [2008.11.09 22:01:21 | 00,262,144 | ---- | M] (ZoneAlarm)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> [2007.08.21 18:38:58 | 02,427,968 | R--- | M] (Google Germany GmbH)
WebBrowser\\"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" [HKLM] -> %ProgramFiles%\MegauploadToolbar\megauploadtoolbar.dll [Megaupload Toolbar] -> [2007.08.17 14:03:52 | 01,933,256 | ---- | M] (MEGAUPLOAD )
WebBrowser\\"{855F3B16-6D32-4FE6-8A56-BBB695989046}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{97AC393A-A525-4CD0-95CF-019B028CC7A4}" [HKLM] -> %ProgramFiles%\Peer2Peer-DE\tbPeer.dll [Peer2Peer-DE Toolbar] -> File not found
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007.10.19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar mit Pop-Up-Blocker] -> [2006.10.26 11:28:40 | 00,440,384 | ---- | M] (Yahoo! Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Photo Downloader" -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe ["C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"] -> [2005.06.06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_SL.exe ["C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2007.10.10 19:51:55 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2004.10.13 08:00:10 | 00,057,344 | R--- | M] (Realtek Semiconductor Corp.)
"avgnt" -> %ProgramFiles%\Avira\AntiVir PersonalEdition Classic\avgnt.exe ["C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min] -> [2008.06.12 13:28:40 | 00,266,497 | ---- | M] (Avira GmbH)
"ChangeFilterMerit" -> %ProgramFiles%\NewSoft\Presto! PVR\ChangeFilterMerit.exe [C:\Programme\NewSoft\Presto! PVR\ChangeFilterMerit.exe] -> [2005.05.17 08:54:10 | 00,040,960 | ---- | M] ()
"Google Desktop Search" -> ["C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> File not found
"HPDJ Taskbar Utility" -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb05.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe] -> [2002.05.24 13:20:47 | 00,188,416 | ---- | M] (HP)
"HPHmon04" -> %SystemRoot%\system32\hphmon04.exe [C:\WINDOWS\system32\hphmon04.exe] -> [2002.06.20 19:40:49 | 00,339,968 | ---- | M] (Hewlett-Packard)
"HPHUPD04" -> %ProgramFiles%\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe ["C:\Programme\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"] -> [2002.05.24 13:47:42 | 00,049,152 | ---- | M] (Hewlett-Packard)
"ISBMgr.exe" -> %ProgramFiles%\Sony\ISB Utility\ISBMgr.exe [C:\Programme\Sony\ISB Utility\ISBMgr.exe] -> [2004.02.20 14:12:34 | 00,032,768 | ---- | M] (Sony Corporation)
"ISTray" -> %ProgramFiles%\Spyware Doctor\pctsTray.exe ["C:\Programme\Spyware Doctor\pctsTray.exe"] -> [2008.07.16 09:16:20 | 01,166,216 | ---- | M] (PC Tools)
"KAVPersonal50" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe ["C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize] -> [2005.08.04 15:01:11 | 00,139,367 | ---- | M] (Kaspersky Lab)
"KernelFaultCheck" -> [%systemroot%\system32\dumprep 0 -k] -> File not found
"NeroFilterCheck" -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe [C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe] -> [2006.01.12 16:40:44 | 00,155,648 | ---- | M] (Nero AG)
"NvCplDaemon" -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2004.11.05 13:05:00 | 05,406,720 | ---- | M] (NVIDIA Corporation)
"Presto! PVR Monitor" -> %ProgramFiles%\NewSoft\Presto! PVR\Monitor.exe [C:\Programme\NewSoft\Presto! PVR\Monitor.exe] -> [2006.02.23 10:24:26 | 00,057,344 | ---- | M] (NewSoft)
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Programme\QuickTime\qttask.exe" -atboottime] -> [2006.12.21 23:25:11 | 00,155,648 | ---- | M] (Apple Computer, Inc.)
"RemoteControl" -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe [C:\Programme\CyberLink\PowerDVD\PDVDServ.exe] -> [2004.11.02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.)
"Share-to-Web Namespace Daemon" -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe] -> [2002.04.17 10:42:56 | 00,069,632 | ---- | M] (Hewlett-Packard)
"SonyPowerCfg" -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe [C:\Programme\Sony\VAIO Power Management\SPMgr.exe] -> [2004.10.21 19:12:48 | 00,184,320 | ---- | M] (Sony Corporation)
"ZoneAlarm Client" -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"] -> [2008.07.09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe ["C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"] -> [2006.04.21 17:03:34 | 00,094,208 | ---- | M] (Nero AG)
"EA Core" -> %ProgramFiles%\Electronic Arts\EADM\Core.exe ["C:\Programme\Electronic Arts\EADM\Core.exe" -silent] -> [2008.06.13 17:27:34 | 02,752,512 | ---- | M] (Electronic Arts)
"ICQ" -> %ProgramFiles%\ICQ6\ICQ.exe ["C:\Programme\ICQ6\ICQ.exe" silent] -> [2008.09.01 16:08:21 | 00,173,304 | ---- | M] (ICQ, Inc.)
"MSMSGS" -> %ProgramFiles%\Messenger\msmsgs.exe ["C:\Programme\Messenger\msmsgs.exe" /background] -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation) "MsnMsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background] -> [2007.10.18 11:34:34 | 05,724,184 | ---- | M] (Microsoft Corporation) "MySpaceIM" -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Programme\MySpace\IM\MySpaceIM.exe] -> [2008.04.18 00:27:00 | 09,117,696 | ---- | M] () "Shareaza" -> %ProgramFiles%\Shareaza\Shareaza.exe ["C:\Programme\Shareaza\Shareaza.exe" -tray] -> [2008.10.01 12:00:14 | 05,723,136 | ---- | M] (Shareaza Development Team) "swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007.05.28 21:22:36 | 00,068,856 | ---- | M] (Google Inc.) "WrestlingEncoreSetup.exe" -> D:\PROGRA~1\WRESTL~1.EXE [D:\PROGRA~1\WRESTL~1.EXE /r] -> File not found "Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet] -> [2007.08.30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) 
< Administrator Startup Folder > -> C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart -> < All Users Startup Folder > -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart -> %AllUsersProfile%\Startmenü\Programme\Autostart\IEEE 802.11g USB Wireless LAN Utility.lnk -> %ProgramFiles%\IEEE 802.11g USB Wireless LAN\IEEE 802.11g USB Wireless LAN\WlanUtil.exe -> [2004.04.23 11:26:50 | 00,364,544 | ---- | M] () < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoCDBurning" -> [1] -> File not found \\"NoRecentDocsMenu" -> [1] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll [res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm] -> [2007.10.19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) Add to Windows &Live Favorites -> [http://favorites.live.com/quickadd.aspx] -> File not found In neuer Registerkarte im Hintergrund öffnen -> %ProgramFiles%\Windows Live Toolbar\Components\de-de\msntabres.dll.mui [res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?3722d98ff3564ee394651d5bec18de0d] -> [2007.10.19 12:12:26 | 00,094,208 | ---- | M] 
(Microsoft Corporation) In neuer Registerkarte im Vordergrund öffnen -> %ProgramFiles%\Windows Live Toolbar\Components\de-de\msntabres.dll.mui [res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?3722d98ff3564ee394651d5bec18de0d] -> [2007.10.19 12:12:26 | 00,094,208 | ---- | M] (Microsoft Corporation) Nach Microsoft &Excel exportieren -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2008.08.04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Menu: Sun Java Konsole] -> [2008.02.22 04:25:19 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Recherchieren] -> [2007.04.19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2006.10.10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) {E59EB121-F339-4851-A3BA-FE49C35617C2}:Exec [HKLM] -> %ProgramFiles%\ICQ6\ICQ.exe [Button: ICQ6] -> [2008.09.01 16:08:21 | 00,173,304 | ---- | M] (ICQ, Inc.) {E59EB121-F339-4851-A3BA-FE49C35617C2}:Exec [HKLM] -> %ProgramFiles%\ICQ6\ICQ.exe [Menu: ICQ6] -> [2008.09.01 16:08:21 | 00,173,304 | ---- | M] (ICQ, Inc.) 
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Konsole] -> [2008.02.22 04:25:19 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Recherchieren] -> [2007.04.19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) CmdMapping\\"{C5428486-50A0-4a02-9D20-520B59A9F9B2}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{C5428486-50A0-4a02-9D20-520B59A9F9B3}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006.10.10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) CmdMapping\\"{E59EB121-F339-4851-A3BA-FE49C35617C2}" [HKLM] -> %ProgramFiles%\ICQ6\ICQ.exe [ICQ6] -> [2008.09.01 16:08:21 | 00,173,304 | ---- | M] (ICQ, Inc.) 
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> fritz.box .[*] -> Lokales Intranet -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. 
-> Range1 [:Range = 192.168.178.1] -> * = Lokales Intranet | -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15-3.cab[Reg Error: Key does not exist or could not be opened.] -> {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll[Installation Support] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab[MSN Photo Upload Tool] -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167213454687[WUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] 
-> {BA162249-F2C5-4851-8ADC-FC58CB424243} [HKLM] -> http://static.ak.schuelervz.net/photouploader/ImageUploader5.cab?nocache=20080125-1[Image Uploader Control] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab[Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {0DDA24DB-6E3B-41EA-8F3A-C220C9461808} -> () -> {21B5FAF2-5386-411D-8E89-4C84B957A045} -> (IEEE 802.11g USB Wireless LAN) -> {58F10291-981F-432B-B5C1-3E6C15FD1874} -> 85.255.116.153;85.255.112.12 (Intel(R) PRO/100 VE Network Connection) -> {7799B224-9384-4085-9F0A-6D0645296969} -> (AVM FRITZ!WLAN USB Stick v1.1) -> {BF150BEF-DF7A-4BF5-82FB-026C673BB778} -> (1394-Netzwerkadapter) -> {D1B0DC0D-3AE5-4B9B-A3AD-F8D27D491069} -> 85.255.116.153;85.255.112.12 (Intel(R) PRO/Wireless 2200BG Network Connection) -> {DC692D2E-244D-4C2D-B663-C2F10B5B53DB} -> (Sitecom Wireless Network PC Card 11M) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> [2008.09.26 17:54:54 | 00,113,664 | ---- | M] (Google) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Winlogon -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> C:\Dokumente -> -> File not found und -> -> File not found Einstellungen\All -> -> File not found Users\Anwendungsdaten\TuneUp -> -> File not found Software\TuneUp -> -> File not found Utilities\WinStyler\tu_logonui.exe -> -> File not found *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> VESWinlogon -> %SystemRoot%\system32\VESWinlogon.dll -> [2004.10.27 15:40:04 | 00,073,728 | ---- | M] (Sony Corporation) < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> nwprovau -> %SystemRoot%\system32\nwprovau.dll -> [2006.10.13 13:35:14 | 00,146,432 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2006.10.10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2006.06.01 20:06:00 | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\livecall.exe" -> C:\Programme\Windows Live\Messenger\livecall.exe [C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007.10.02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\msnmsgr.exe" -> 
C:\Programme\Windows Live\Messenger\msnmsgr.exe [C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007.10.18 11:34:34 | 05,724,184 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2006.10.10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2006.06.01 20:06:00 | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\utorrent.exe" -> C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\utorrent.exe [C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\utorrent.exe:*:Enabled:µTorrent] -> [2007.06.12 13:10:36 | 00,177,152 | ---- | M] () "C:\Programme\AVG\AVG8\avgupd.exe" -> C:\Programme\AVG\AVG8\avgupd.exe [C:\Programme\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> [2008.12.14 03:20:10 | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Programme\Electronic Arts\EADM\Core.exe" -> C:\Programme\Electronic Arts\EADM\Core.exe [C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager] -> [2008.06.13 17:27:34 | 02,752,512 | ---- | M] (Electronic Arts) "C:\Programme\GameSpy Arcade\Aphex.exe" -> C:\Programme\GameSpy Arcade\Aphex.exe [C:\Programme\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade] -> [2006.08.21 22:17:28 | 04,206,658 | ---- | M] (IGN Entertainment, Inc.) 
"C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe" -> C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe [C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> File not found "C:\Programme\ICQ6\ICQ.exe" -> C:\Programme\ICQ6\ICQ.exe [C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6] -> [2008.09.01 16:08:21 | 00,173,304 | ---- | M] (ICQ, Inc.) "C:\Programme\LimeWire\LimeWire.exe" -> C:\Programme\LimeWire\LimeWire.exe [C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008.09.18 19:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) "C:\Programme\Messenger\msmsgs.exe" -> C:\Programme\Messenger\msmsgs.exe [C:\Programme\Messenger\msmsgs.exe:*:Enabled:Messenger] -> [2003.04.14 20:05:18 | 01,498,032 | ---- | M] (Microsoft Corporation) "C:\Programme\MySpace\IM\MySpaceIM.exe" -> C:\Programme\MySpace\IM\MySpaceIM.exe [C:\Programme\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM] -> [2008.04.18 00:27:00 | 09,117,696 | ---- | M] () "C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe" -> C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe [C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime] -> [2006.03.23 16:44:06 | 03,739,648 | ---- | M] (Nero AG) "C:\Programme\Shareaza\Shareaza.exe" -> C:\Programme\Shareaza\Shareaza.exe [C:\Programme\Shareaza\Shareaza.exe:*:Enabled:Shareaza] -> [2008.10.01 12:00:14 | 05,723,136 | ---- | M] (Shareaza Development Team) "C:\Programme\uTorrent\uTorrent.exe" -> C:\Programme\uTorrent\uTorrent.exe [C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2008.12.08 18:47:43 | 00,270,128 | ---- | M] (BitTorrent, Inc.) 
"C:\Programme\Windows Live\Messenger\livecall.exe" -> C:\Programme\Windows Live\Messenger\livecall.exe [C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007.10.02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\msnmsgr.exe" -> C:\Programme\Windows Live\Messenger\msnmsgr.exe [C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007.10.18 11:34:34 | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Programme\Yahoo!\Messenger\YahooMessenger.exe [C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2007.08.30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) "C:\Programme\Yahoo!\Messenger\YServer.exe" -> C:\Programme\Yahoo!\Messenger\YServer.exe [C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> [2007.08.30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) "C:\WINDOWS\system32\dpvsetup.exe" -> C:\WINDOWS\system32\dpvsetup.exe [C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test] -> [2006.06.01 20:06:00 | 00,083,456 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" -> C:\WINDOWS\system32\rundll32.exe [C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen] -> [2006.06.01 20:06:00 | 00,033,792 | ---- | M] (Microsoft Corporation) "D:\Programme\Anno 1701\Anno1701.exe" -> D:\Programme\Anno 1701\Anno1701.exe [D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701] -> [2006.10.05 08:57:40 | 07,464,448 | ---- | M] (Related Designs Software GmbH) "D:\Programme\Cyanide\Radsport Manager Pro 2006\PCM.exe" -> D:\Programme\Cyanide\Radsport Manager Pro 2006\PCM.exe [D:\Programme\Cyanide\Radsport Manager Pro 2006\PCM.exe:*:Enabled:pcm] -> [2006.05.30 11:31:58 | 04,005,888 | ---- | M] (Cyanide) "D:\Programme\EA Games\Battlefield Vietnam\bfvietnam.exe" -> D:\Programme\EA Games\Battlefield 
Vietnam\bfvietnam.exe [D:\Programme\EA Games\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam] -> [2004.09.23 11:24:46 | 09,688,576 | ---- | M] () "D:\Programme\EA Games\Command & Conquer Generäle Stunde Null\game.dat" -> D:\Programme\EA Games\Command & Conquer Generäle Stunde Null\game.dat [D:\Programme\EA Games\Command & Conquer Generäle Stunde Null\game.dat:*:Enabled:game] -> File not found "D:\Programme\EA Games\Nightfire\Bond.exe" -> D:\Programme\EA Games\Nightfire\Bond.exe [D:\Programme\EA Games\Nightfire\Bond.exe:*:Enabled:Bond] -> File not found "D:\Programme\Firefly Studios\CivCity Rom\CivCity Rome.exe" -> D:\Programme\Firefly Studios\CivCity Rom\CivCity Rome.exe [D:\Programme\Firefly Studios\CivCity Rom\CivCity Rome.exe:*:Enabled:CivCity Rome] -> [2006.06.23 14:01:32 | 09,713,128 | R--- | M] (Firefly Studios US) "D:\Programme\KONAMI\Pro Evolution Soccer 6\PES6.exe" -> D:\Programme\KONAMI\Pro Evolution Soccer 6\PES6.exe [D:\Programme\KONAMI\Pro Evolution Soccer 6\PES6.exe:*:Enabled:pes6.exe] -> [2007.10.18 15:00:57 | 15,286,272 | ---- | M] (KONAMI) "D:\Programme\SecondLife\SLVoice.exe" -> D:\Programme\SecondLife\SLVoice.exe [D:\Programme\SecondLife\SLVoice.exe:*:Enabled:SLVoice] -> [2008.10.15 01:41:10 | 00,540,672 | ---- | M] () "D:\Programme\TmNationsForever\TmForever.exe" -> D:\Programme\TmNationsForever\TmForever.exe [D:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever] -> [2008.04.14 00:03:42 | 11,976,704 | ---- | M] () "D:\Sierra\EE-ZDE\EE-AOC.exe" -> D:\Sierra\EE-ZDE\EE-AOC.exe [D:\Sierra\EE-ZDE\EE-AOC.exe:*:Disabled:EE-AOC] -> [2002.08.21 10:03:46 | 06,319,567 | ---- | M] () "E:\Setup\HPZnet01.exe" -> E:\Setup\HPZnet01.exe [E:\Setup\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM-Laufwerktreiber -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2006.06.01 20:06:00 | 00,049,536 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2006.12.21 22:47:15 | 00,000,000 | ---- | M] () C:\autorun.inf [[autorun] | ;jdmmbzfwqrunaxhnfrvauazwilvdtjdpatdocavdux | shellexecute="resycled\boot.com c:" | ;cdsycpkhpm | shell\Open\command="resycled\boot.com c:" | ;nyxblnmzzfovkuvwrrxtlpcacqsoseaorgtoxxmecuhoyaindmhnwvcfrmplgmkxdzpfvqmkmytdodcydl | shell=Open | ;igipsqnh | ] -> %SystemDrive%\autorun.inf [ NTFS ] -> [2008.12.10 16:12:05 | 00,000,255 | RHS- | M] () D:\autorun.inf [[autorun] | ;vdrjypriolqxuxfthyjbkpvnquvvpjsqlbbmcevvhftlnaujfjwxupjtazqgofalujbb | shellexecute="resycled\boot.com d:" | ;tumdmhucrqvfssbrnmpluzclpbpynbodzhzluhxaswkbqhjmstynaadsrgikiwxtjktlddgvqqa | shell\Open\command="resycled\boot.com d:" | ;govyqnaqazseym | ] -> D:\autorun.inf [ NTFS ] -> [2008.12.10 16:12:05 | 00,000,255 | RHS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{2e9ca684-038d-11dc-86ba-0012f018cb37} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e9ca684-038d-11dc-86ba-0012f018cb37}\Shell \{2e9ca684-038d-11dc-86ba-0012f018cb37}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e9ca684-038d-11dc-86ba-0012f018cb37}\Shell\AutoRun \{2e9ca684-038d-11dc-86ba-0012f018cb37}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found [Files/Folders - Created Within 30 Days] 1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008.12.14 23:12:08 | 00,000,000 | ---D | C] OTScanIt2.exe -> 
%UserProfile%\Desktop\OTScanIt2.exe -> [2008.12.14 23:08:41 | 00,647,677 | ---- | C] () AntiVir PE Classic.lnk -> %AllUsersProfile%\Desktop\AntiVir PE Classic.lnk -> [2008.12.14 20:59:52 | 00,001,815 | ---- | C] () avgntdd.sys -> %SystemRoot%\System32\drivers\avgntdd.sys -> [2008.12.14 20:59:33 | 00,045,376 | ---- | C] (Avira GmbH) avgntmgr.sys -> %SystemRoot%\System32\drivers\avgntmgr.sys -> [2008.12.14 20:59:33 | 00,022,336 | ---- | C] (Avira GmbH) avipbb.sys -> %SystemRoot%\System32\drivers\avipbb.sys -> [2008.12.14 20:59:30 | 00,075,072 | ---- | C] (Avira GmbH) Avira -> %ProgramFiles%\Avira -> [2008.12.14 20:59:30 | 00,000,000 | ---D | C] Avira -> %AllUsersProfile%\Anwendungsdaten\Avira -> [2008.12.14 20:59:30 | 00,000,000 | ---D | C] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2008.12.14 03:20:34 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk -> [2008.12.14 03:20:34 | 00,001,479 | ---- | C] () avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2008.12.14 03:20:28 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> [2008.12.14 03:20:27 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) 
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [2008.12.14 03:20:23 | 30,312,507 | ---- | C] () avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [2008.12.14 03:20:23 | 06,061,540 | ---- | C] () miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [2008.12.14 03:20:23 | 00,334,743 | ---- | C] () microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [2008.12.14 03:20:23 | 00,050,685 | ---- | C] () Avg -> %SystemRoot%\System32\drivers\Avg -> [2008.12.14 03:20:23 | 00,000,000 | ---D | C] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [2008.12.14 03:20:22 | 00,000,000 | ---D | C] avg8 -> %AllUsersProfile%\Anwendungsdaten\avg8 -> [2008.12.14 03:20:09 | 00,000,000 | ---D | C] AVG -> %ProgramFiles%\AVG -> [2008.12.14 03:20:09 | 00,000,000 | ---D | C] Pro_Evolution_Soccer_2009_Full-Rip_Skullptura.torrent -> %UserProfile%\Desktop\Pro_Evolution_Soccer_2009_Full-Rip_Skullptura.torrent -> [2008.12.13 21:32:37 | 00,118,937 | ---- | C] () Audacity.lnk -> %UserProfile%\Desktop\Audacity.lnk -> [2008.12.09 22:14:02 | 00,000,610 | ---- | C] () Audacity -> %ProgramFiles%\Audacity -> [2008.12.09 22:14:01 | 00,000,000 | ---D | C] ReWire.dll -> %SystemRoot%\System32\ReWire.dll -> [2008.12.09 22:02:18 | 00,368,640 | ---- | C] (Propellerhead Software AB) REX Shared Library.dll -> %SystemRoot%\System32\REX Shared Library.dll -> [2008.12.09 22:02:18 | 00,233,472 | ---- | C] (Propellerhead Software AB) Propellerhead Software -> %AllUsersProfile%\Anwendungsdaten\Propellerhead Software -> [2008.12.09 22:02:18 | 00,000,000 | ---D | C] Propellerhead Software -> %AppData%\Propellerhead Software -> [2008.12.09 22:02:09 | 00,000,000 | ---D | C] Reason Demo.lnk -> %AllUsersProfile%\Desktop\Reason Demo.lnk -> [2008.12.09 22:02:01 | 00,000,756 | ---- | C] () Propellerhead -> %ProgramFiles%\Propellerhead -> [2008.12.09 22:01:25 | 00,000,000 | ---D | C] Install Reason Demo.exe -> %UserProfile%\Desktop\Install Reason Demo.exe -> [2008.12.09 22:00:39 | 14,880,9029 | 
R--- | C] (Propellerhead Software AB ) ReasonDemo_win.zip -> %UserProfile%\Desktop\ReasonDemo_win.zip -> [2008.12.09 21:46:23 | 14,881,0702 | ---- | C] () Deckadance -> %AppData%\Deckadance -> [2008.12.09 21:00:39 | 00,000,000 | ---D | C] Conduit -> %UserProfile%\Lokale Einstellungen\Anwendungsdaten\Conduit -> [2008.12.09 18:33:42 | 00,000,000 | ---D | C] ZZZZZZZZZZZZ -> %ProgramFiles%\ZZZZZZZZZZZZ -> [2008.12.09 18:33:41 | 00,000,000 | ---D | C] Peer2Peer-DE -> %UserProfile%\Lokale Einstellungen\Anwendungsdaten\Peer2Peer-DE -> [2008.12.09 18:33:41 | 00,000,000 | ---D | C] Conduit -> %ProgramFiles%\Conduit -> [2008.12.09 18:33:41 | 00,000,000 | ---D | C] Deckadance.lnk -> %UserProfile%\Desktop\Deckadance.lnk -> [2008.12.09 18:32:04 | 00,000,905 | ---- | C] () Collab.lnk -> %UserProfile%\Desktop\Collab.lnk -> [2008.12.09 18:20:02 | 00,001,621 | ---- | C] () ASIO4ALL v2 Instruction Manual.lnk -> %UserProfile%\Desktop\ASIO4ALL v2 Instruction Manual.lnk -> [2008.12.09 18:19:57 | 00,000,646 | ---- | C] () ASIO4ALL v2 Off-Line Settings.lnk -> %UserProfile%\Desktop\ASIO4ALL v2 Off-Line Settings.lnk -> [2008.12.09 18:19:57 | 00,000,580 | ---- | C] () ASIO4ALL v2 -> %ProgramFiles%\ASIO4ALL v2 -> [2008.12.09 18:19:57 | 00,000,000 | ---D | C] FL Studio 8.lnk -> %UserProfile%\Desktop\FL Studio 8.lnk -> [2008.12.09 18:19:24 | 00,000,659 | ---- | C] () vorbis.acm -> %SystemRoot%\System32\vorbis.acm -> [2008.12.09 18:18:58 | 01,294,336 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) Image-Line -> %ProgramFiles%\Image-Line -> [2008.12.09 18:18:42 | 00,000,000 | ---D | C] Outsim -> %ProgramFiles%\Outsim -> [2008.12.09 18:18:41 | 00,000,000 | ---D | C] ~$nzinverbrauch.doc -> %UserProfile%\Desktop\~$nzinverbrauch.doc -> [2008.12.08 23:17:03 | 00,000,162 | -H-- | C] () Benzinverbrauch.doc -> %UserProfile%\Desktop\Benzinverbrauch.doc -> [2008.12.08 23:17:02 | 00,037,376 | ---- | C] () rld-fm07 -> %UserProfile%\Desktop\rld-fm07 -> [2008.12.08 18:47:26 | 00,000,000 | ---D | C] 
rld-fm07.rar -> %UserProfile%\Desktop\rld-fm07.rar -> [2008.12.08 18:46:26 | 07,860,011 | ---- | C] () pro-fim07.mds -> %UserProfile%\Desktop\pro-fim07.mds -> [2008.12.08 18:35:08 | 00,033,362 | ---- | C] () Ndisprot.sys -> %SystemRoot%\System32\drivers\Ndisprot.sys -> [2008.12.08 18:01:29 | 00,027,904 | ---- | C] (Windows (R) Codename Longhorn DDK provider) autorun.inf -> %SystemDrive%\autorun.inf -> [2008.12.08 18:01:28 | 00,000,255 | RHS- | C] () resycled -> %SystemDrive%\resycled -> [2008.12.08 18:01:28 | 00,000,000 | RHSD | C] setup903 -> %UserProfile%\Desktop\setup903 -> [2008.12.08 18:00:53 | 00,000,000 | ---D | C] setup903.zip -> %UserProfile%\Desktop\setup903.zip -> [2008.12.08 18:00:12 | 00,068,208 | ---- | C] () Quadratische_Funktionen_022_Benzin.doc -> %UserProfile%\Desktop\Quadratische_Funktionen_022_Benzin.doc -> [2008.12.08 14:21:10 | 00,044,032 | ---- | C] () Blatt_21.doc -> %UserProfile%\Desktop\Blatt_21.doc -> [2008.12.01 20:34:45 | 00,110,080 | ---- | C] () l_6e60053032b613436dcf1be6619ef6da.jpg -> %UserProfile%\Desktop\l_6e60053032b613436dcf1be6619ef6da.jpg -> [2008.11.30 22:41:49 | 00,003,623 | ---- | C] () l_075943f1fce88b8ad33445868e066140.jpg -> %UserProfile%\Desktop\l_075943f1fce88b8ad33445868e066140.jpg -> [2008.11.30 22:41:26 | 00,003,278 | ---- | C] () l_2725b51d3ee1d2c442e6fac97809f166.jpg -> %UserProfile%\Desktop\l_2725b51d3ee1d2c442e6fac97809f166.jpg -> [2008.11.30 22:40:48 | 00,004,612 | ---- | C] () Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2008.11.26 19:23:13 | 00,001,566 | ---- | C] () Blatt_20.doc -> %UserProfile%\Desktop\Blatt_20.doc -> [2008.11.26 17:57:52 | 00,133,632 | ---- | C] () Divided Soul (song).doc -> %UserProfile%\Eigene Dateien\Divided Soul (song).doc -> [2008.11.26 17:53:24 | 00,031,232 | ---- | C] () Divided Soul.doc -> %UserProfile%\Eigene Dateien\Divided Soul.doc -> [2008.11.24 22:38:18 | 00,020,992 | ---- | C] () 4_e.doc -> %UserProfile%\Desktop\4_e.doc -> [2008.11.24 18:36:07 | 
00,019,968 | ---- | C] () 4_d.doc -> %UserProfile%\Desktop\4_d.doc -> [2008.11.24 18:35:52 | 00,017,920 | ---- | C] () Blatt19_4.1_c_.doc -> %UserProfile%\Desktop\Blatt19_4.1_c_.doc -> [2008.11.24 18:35:34 | 00,020,480 | ---- | C] () Blatt19_4a_.doc -> %UserProfile%\Desktop\Blatt19_4a_.doc -> [2008.11.24 18:35:08 | 00,024,576 | ---- | C] () Blatt19_4.1_b_.doc -> %UserProfile%\Desktop\Blatt19_4.1_b_.doc -> [2008.11.24 18:34:39 | 00,024,576 | ---- | C] () xactengine2_8.dll -> %SystemRoot%\System32\xactengine2_8.dll -> [2008.11.23 15:07:37 | 00,266,088 | ---- | C] (Microsoft Corporation) x3daudio1_2.dll -> %SystemRoot%\System32\x3daudio1_2.dll -> [2008.11.23 15:07:37 | 00,018,280 | ---- | C] (Microsoft Corporation) D3DCompiler_34.dll -> %SystemRoot%\System32\D3DCompiler_34.dll -> [2008.11.23 15:07:35 | 01,124,720 | ---- | C] (Microsoft Corporation) d3dx10_34.dll -> %SystemRoot%\System32\d3dx10_34.dll -> [2008.11.23 15:07:35 | 00,443,752 | ---- | C] (Microsoft Corporation) d3dx9_34.dll -> %SystemRoot%\System32\d3dx9_34.dll -> [2008.11.23 15:07:27 | 03,497,832 | ---- | C] (Microsoft Corporation) xactengine2_7.dll -> %SystemRoot%\System32\xactengine2_7.dll -> [2008.11.23 15:07:19 | 00,261,480 | ---- | C] (Microsoft Corporation) D3DCompiler_33.dll -> %SystemRoot%\System32\D3DCompiler_33.dll -> [2008.11.23 15:07:14 | 01,123,696 | ---- | C] (Microsoft Corporation) d3dx10_33.dll -> %SystemRoot%\System32\d3dx10_33.dll -> [2008.11.23 15:07:14 | 00,443,752 | ---- | C] (Microsoft Corporation) xactengine2_6.dll -> %SystemRoot%\System32\xactengine2_6.dll -> [2008.11.23 15:06:49 | 00,255,848 | ---- | C] (Microsoft Corporation) xactengine2_5.dll -> %SystemRoot%\System32\xactengine2_5.dll -> [2008.11.23 15:06:45 | 00,251,672 | ---- | C] (Microsoft Corporation) d3dx9_32.dll -> %SystemRoot%\System32\d3dx9_32.dll -> [2008.11.23 15:06:41 | 03,426,072 | ---- | C] (Microsoft Corporation) xactengine2_4.dll -> %SystemRoot%\System32\xactengine2_4.dll -> [2008.11.23 15:06:38 | 00,237,848 | 
---- | C] (Microsoft Corporation) x3daudio1_1.dll -> %SystemRoot%\System32\x3daudio1_1.dll -> [2008.11.23 15:06:38 | 00,015,128 | ---- | C] (Microsoft Corporation) d3dx9_31.dll -> %SystemRoot%\System32\d3dx9_31.dll -> [2008.11.23 15:06:36 | 02,414,360 | ---- | C] (Microsoft Corporation) xactengine2_3.dll -> %SystemRoot%\System32\xactengine2_3.dll -> [2008.11.23 15:06:28 | 00,236,824 | ---- | C] (Microsoft Corporation) xinput1_2.dll -> %SystemRoot%\System32\xinput1_2.dll -> [2008.11.23 15:06:25 | 00,062,744 | ---- | C] (Microsoft Corporation) Alarmstufe Rot 2.lnk -> %AllUsersProfile%\Desktop\Alarmstufe Rot 2.lnk -> [2008.11.22 16:43:58 | 00,000,592 | ---- | C] () Westwood -> %SystemDrive%\Westwood -> [2008.11.22 16:37:53 | 00,000,000 | ---D | C] Solid Edge V20 -> %ProgramFiles%\Solid Edge V20 -> [2008.11.21 19:51:10 | 00,000,000 | ---D | C] wp2.ini -> %SystemRoot%\wp2.ini -> [2008.11.20 19:08:50 | 00,002,303 | ---- | C] () wp.ini -> %SystemRoot%\wp.ini -> [2008.11.20 19:08:50 | 00,000,019 | ---- | C] () peanut -> %SystemDrive%\peanut -> [2008.11.20 19:00:55 | 00,000,000 | ---D | C] V.I.N.C.E_-_Melancholie__Album_.rar -> %UserProfile%\Desktop\V.I.N.C.E_-_Melancholie__Album_.rar -> [2008.11.15 14:53:57 | 46,767,449 | ---- | C] () [Files/Folders - Modified Within 30 Days] 1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> 18 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader\ -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader -> [2006.12.27 09:55:40 | 00,000,000 | ---D | M] qmgr0.dat -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader\qmgr0.dat -> [2008.12.09 18:06:06 | 00,004,617 | ---- | M] () qmgr1.dat -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader\qmgr1.dat -> [2008.12.09 
18:06:07 | 00,004,232 | ---- | M] () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\OFFICE\DATA\ -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\OFFICE\DATA -> [2007.08.21 16:42:55 | 00,000,000 | ---D | M] opa11.dat -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\OFFICE\DATA\opa11.dat -> [2006.12.22 01:16:27 | 00,008,206 | ---- | M] () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für ReasonDemo_win.zip\ -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für ReasonDemo_win.zip\ -> [2008.12.09 21:51:08 | 00,000,000 | -H-D | M] Install Reason Demo.exe -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für ReasonDemo_win.zip\Install Reason Demo.exe -> [2008.12.09 21:51:42 | 14,794,7520 | ---- | M] (Propellerhead Software AB ) C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\ -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp -> [2008.12.14 23:11:45 | 00,000,000 | ---D | M] patchw32.dll -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\patchw32.dll -> [2003.08.13 06:58:15 | 00,203,264 | R--- | M] () 308 C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\*.tmp files -> C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\*.tmp -> C:\WINDOWS\Temp\FlashForge\ -> C:\WINDOWS\Temp\FlashForge -> [2008.12.08 14:43:05 | 00,000,000 | ---D | M] hsv screensaver 7-2007.exe -> C:\WINDOWS\Temp\FlashForge\hsv screensaver 7-2007.exe -> [2008.11.21 19:45:36 | 01,575,507 | ---- | M] (Macromedia, Inc.) 
C:\WINDOWS\Temp\gis5a59e\ -> C:\WINDOWS\Temp\gis5a59e -> [2008.03.18 20:55:17 | 00,000,000 | ---D | M] GoogleUpdater.exe -> C:\WINDOWS\Temp\gis5a59e\GoogleUpdater.exe -> [2008.03.18 12:37:49 | 00,125,624 | ---- | M] (Google) GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis5a59e\GoogleUpdaterAdminPrefs.exe -> [2008.03.18 12:37:49 | 00,187,064 | ---- | M] (Google) GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis5a59e\GoogleUpdaterInstallMgr.exe -> [2008.03.18 12:37:49 | 00,666,296 | ---- | M] (Google) GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis5a59e\GoogleUpdaterService.exe -> [2008.03.18 12:37:49 | 00,138,680 | ---- | M] (Google) GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis5a59e\GoogleUpdaterSetup.exe -> [2008.03.18 12:37:49 | 00,125,624 | ---- | M] (Google Inc.) gtfirstboot.exe -> C:\WINDOWS\Temp\gis5a59e\gtfirstboot.exe -> [2008.03.18 12:37:49 | 00,065,536 | ---- | M] () C:\WINDOWS\Temp\gis8c1c2a\ -> C:\WINDOWS\Temp\gis8c1c2a -> [2008.10.30 15:59:44 | 00,000,000 | ---D | M] GoogleUpdater.exe -> C:\WINDOWS\Temp\gis8c1c2a\GoogleUpdater.exe -> [2008.10.29 17:06:18 | 00,161,264 | ---- | M] (Google) GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis8c1c2a\GoogleUpdaterService.exe -> [2008.10.29 17:06:18 | 00,168,432 | ---- | M] (Google) C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\ -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602 -> [2008.10.29 17:06:18 | 00,000,000 | ---D | M] GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\GoogleUpdaterAdminPrefs.exe -> [2008.10.29 17:06:17 | 00,228,336 | ---- | M] (Google) GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\GoogleUpdaterInstallMgr.exe -> [2008.10.29 17:06:18 | 00,834,032 | ---- | M] (Google) GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\GoogleUpdaterSetup.exe -> [2008.10.29 17:06:18 | 00,175,600 | ---- | M] (Google Inc.) 
C:\WINDOWS\Temp\gis8e3c1\ -> C:\WINDOWS\Temp\gis8e3c1 -> [2007.08.19 18:20:17 | 00,000,000 | ---D | M] GoogleUpdater.exe -> C:\WINDOWS\Temp\gis8e3c1\GoogleUpdater.exe -> [2007.08.18 16:49:30 | 00,124,912 | ---- | M] (Google) GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis8e3c1\GoogleUpdaterAdminPrefs.exe -> [2007.08.18 16:49:30 | 00,185,840 | ---- | M] (Google) GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis8e3c1\GoogleUpdaterInstallMgr.exe -> [2007.08.18 16:49:30 | 00,664,560 | ---- | M] (Google) GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis8e3c1\GoogleUpdaterService.exe -> [2007.08.18 16:49:30 | 00,138,680 | ---- | M] (Google) GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis8e3c1\GoogleUpdaterSetup.exe -> [2007.08.18 16:49:30 | 00,124,400 | ---- | M] (Google Inc.) gtfirstboot.exe -> C:\WINDOWS\Temp\gis8e3c1\gtfirstboot.exe -> [2007.08.18 16:49:30 | 00,065,536 | ---- | M] () C:\WINDOWS\Temp\GLKbFilter\ -> C:\WINDOWS\Temp\GLKbFilter -> [2007.07.25 20:16:42 | 00,000,000 | ---D | M] REMOVE.exe -> C:\WINDOWS\Temp\GLKbFilter\REMOVE.exe -> [2005.11.10 08:12:36 | 00,036,864 | R--- | M] () C:\WINDOWS\Temp\gis5a59e\ -> C:\WINDOWS\Temp\gis5a59e -> [2008.03.18 20:55:17 | 00,000,000 | ---D | M] ci.dll -> C:\WINDOWS\Temp\gis5a59e\ci.dll -> [2008.03.18 12:37:49 | 00,877,056 | ---- | M] (Google) cires_de.dll -> C:\WINDOWS\Temp\gis5a59e\cires_de.dll -> [2008.03.18 12:37:49 | 00,135,680 | ---- | M] () npCIDetect11.dll -> C:\WINDOWS\Temp\gis5a59e\npCIDetect11.dll -> [2008.03.18 12:37:49 | 00,083,968 | ---- | M] (Google) C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\ -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602 -> [2008.10.29 17:06:18 | 00,000,000 | ---D | M] ci.dll -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\ci.dll -> [2008.10.29 17:06:18 | 01,119,232 | ---- | M] (Google) cires.dll -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\cires.dll -> [2008.10.29 17:06:18 | 00,094,208 | ---- | M] () npCIDetect13.dll -> C:\WINDOWS\Temp\gis8c1c2a\2.4.1368.5602\npCIDetect13.dll -> [2008.10.29 17:06:18 | 
00,094,208 | ---- | M] (Google) C:\WINDOWS\Temp\gis8e3c1\ -> C:\WINDOWS\Temp\gis8e3c1 -> [2007.08.19 18:20:17 | 00,000,000 | ---D | M] ci.dll -> C:\WINDOWS\Temp\gis8e3c1\ci.dll -> [2007.08.18 16:49:30 | 00,908,800 | ---- | M] (Google) cires_de.dll -> C:\WINDOWS\Temp\gis8e3c1\cires_de.dll -> [2007.08.18 16:49:30 | 00,136,192 | ---- | M] () npCIDetect11.dll -> C:\WINDOWS\Temp\gis8e3c1\npCIDetect11.dll -> [2007.08.18 16:49:30 | 00,083,968 | ---- | M] (Google) C:\WINDOWS\Temp\is-AQ34F.tmp\ -> C:\WINDOWS\Temp\is-AQ34F.tmp\ -> [2007.12.01 18:29:06 | 00,000,000 | ---D | M] SecurityUtil.dll -> C:\WINDOWS\Temp\is-AQ34F.tmp\SecurityUtil.dll -> [2005.09.27 11:23:36 | 00,086,016 | ---- | M] () C:\WINDOWS\Temp\is-R85HS.tmp\ -> C:\WINDOWS\Temp\is-R85HS.tmp\ -> [2007.07.20 21:34:43 | 00,000,000 | ---D | M] SecurityUtil.dll -> C:\WINDOWS\Temp\is-R85HS.tmp\SecurityUtil.dll -> [2005.09.27 10:23:36 | 00,086,016 | ---- | M] () C:\WINDOWS\Temp\nsd4C.tmp\ -> C:\WINDOWS\Temp\nsd4C.tmp\ -> [2007.11.02 15:14:40 | 00,000,000 | ---D | M] NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsd4C.tmp\NSIS_Picasa.dll -> [2007.11.02 15:14:40 | 00,055,808 | ---- | M] () C:\WINDOWS\Temp\nsj80.tmp\ -> C:\WINDOWS\Temp\nsj80.tmp\ -> [2008.04.24 11:35:19 | 00,000,000 | ---D | M] NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsj80.tmp\NSIS_Picasa.dll -> [2008.04.24 11:35:19 | 00,051,200 | ---- | M] () C:\WINDOWS\Temp\nsq25.tmp\ -> C:\WINDOWS\Temp\nsq25.tmp\ -> [2007.08.29 21:19:16 | 00,000,000 | ---D | M] NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsq25.tmp\NSIS_Picasa.dll -> [2007.08.29 21:19:16 | 00,055,808 | ---- | M] () C:\WINDOWS\Temp\nsy7.tmp\ -> C:\WINDOWS\Temp\nsy7.tmp\ -> [2007.07.03 20:20:54 | 00,000,000 | ---D | M] NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsy7.tmp\NSIS_Picasa.dll -> [2007.07.03 20:20:43 | 00,054,784 | ---- | M] () C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [2008.12.14 23:06:36 | 00,000,000 | ---D | M] Perflib_Perfdata_15f0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_15f0.dat -> [2008.04.12 21:33:07 | 00,016,384 | ---- | M] 
() 497 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [2007.12.28 22:00:15 | 00,000,000 | --SD | M] index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2008.03.26 19:01:44 | 00,032,768 | ---- | M] () C:\WINDOWS\Temp\Verlauf\History.IE5\ -> C:\WINDOWS\Temp\Verlauf\History.IE5\ -> [2007.12.28 22:00:16 | 00,000,000 | --SD | M] index.dat -> C:\WINDOWS\Temp\Verlauf\History.IE5\index.dat -> [2008.03.26 19:01:44 | 00,016,384 | ---- | M] () OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008.12.14 23:08:41 | 00,647,677 | ---- | M] () Auf Updates für Windows Live Toolbar prüfen.job -> %SystemRoot%\tasks\Auf Updates für Windows Live Toolbar prüfen.job -> [2008.12.14 22:15:01 | 00,000,248 | ---- | M] () Meine freigegebenen Ordner.lnk -> %UserProfile%\Eigene Dateien\Meine freigegebenen Ordner.lnk -> [2008.12.14 21:28:51 | 00,000,608 | ---- | M] () nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008.12.14 21:26:26 | 00,017,548 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008.12.14 21:26:11 | 00,012,598 | ---- | M] () vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [2008.12.14 21:25:57 | 00,352,900 | ---- | M] () mmf.sys -> %SystemRoot%\System32\mmf.sys -> [2008.12.14 21:25:16 | 00,000,849 | -HS- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008.12.14 21:25:06 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008.12.14 21:24:51 | 00,002,048 | --S- | M] () OODBS.lor -> %SystemRoot%\System32\OODBS.lor -> [2008.12.14 21:24:47 | 00,415,548 | ---- | M] () AntiVir PE Classic.lnk -> %AllUsersProfile%\Desktop\AntiVir PE Classic.lnk -> [2008.12.14 20:59:52 | 00,001,815 | ---- | M] () avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2008.12.14 03:20:34 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) 
AVG Free 8.0.lnk -> %AllUsersProfile%\Desktop\AVG Free 8.0.lnk -> [2008.12.14 03:20:34 | 00,001,479 | ---- | M] () avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2008.12.14 03:20:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [2008.12.14 03:20:27 | 30,312,507 | ---- | M] () avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> [2008.12.14 03:20:27 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [2008.12.14 03:20:23 | 06,061,540 | ---- | M] () miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [2008.12.14 03:20:23 | 00,334,743 | ---- | M] () microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [2008.12.14 03:20:23 | 00,050,685 | ---- | M] () NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [2008.12.13 23:03:46 | 00,000,116 | ---- | M] () Pro_Evolution_Soccer_2009_Full-Rip_Skullptura.torrent -> %UserProfile%\Desktop\Pro_Evolution_Soccer_2009_Full-Rip_Skullptura.torrent -> [2008.12.13 21:32:37 | 00,118,937 | ---- | M] () Norton Security Scan.job -> %SystemRoot%\tasks\Norton Security Scan.job -> [2008.12.12 18:00:00 | 00,000,394 | ---- | M] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008.12.11 22:29:18 | 00,955,690 | ---- | M] () perfh007.dat -> %SystemRoot%\System32\perfh007.dat -> [2008.12.11 22:29:18 | 00,415,340 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008.12.11 22:29:18 | 00,400,798 | ---- | M] () perfc007.dat -> %SystemRoot%\System32\perfc007.dat -> [2008.12.11 22:29:18 | 00,073,904 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008.12.11 22:29:18 | 00,060,958 | ---- | M] () PhotoSnapViewer.INI -> %SystemRoot%\PhotoSnapViewer.INI -> [2008.12.10 19:30:19 | 00,000,151 | ---- | M] () autorun.inf -> %SystemDrive%\autorun.inf -> [2008.12.10 16:12:05 | 00,000,255 | RHS- | M] () Audacity.lnk -> 
%UserProfile%\Desktop\Audacity.lnk -> [2008.12.09 22:14:02 | 00,000,610 | ---- | M] () ReWire.dll -> %SystemRoot%\System32\ReWire.dll -> [2008.12.09 22:02:18 | 00,368,640 | ---- | M] (Propellerhead Software AB) REX Shared Library.dll -> %SystemRoot%\System32\REX Shared Library.dll -> [2008.12.09 22:02:18 | 00,233,472 | ---- | M] (Propellerhead Software AB) Reason Demo.lnk -> %AllUsersProfile%\Desktop\Reason Demo.lnk -> [2008.12.09 22:02:01 | 00,000,756 | ---- | M] () ReasonDemo_win.zip -> %UserProfile%\Desktop\ReasonDemo_win.zip -> [2008.12.09 21:46:31 | 14,881,0702 | ---- | M] () ASIO4ALL v2 Instruction Manual.lnk -> %UserProfile%\Desktop\ASIO4ALL v2 Instruction Manual.lnk -> [2008.12.09 18:32:58 | 00,000,646 | ---- | M] () ASIO4ALL v2 Off-Line Settings.lnk -> %UserProfile%\Desktop\ASIO4ALL v2 Off-Line Settings.lnk -> [2008.12.09 18:32:58 | 00,000,580 | ---- | M] () Deckadance.lnk -> %UserProfile%\Desktop\Deckadance.lnk -> [2008.12.09 18:32:04 | 00,000,905 | ---- | M] () Collab.lnk -> %UserProfile%\Desktop\Collab.lnk -> [2008.12.09 18:20:02 | 00,001,621 | ---- | M] () FL Studio 8.lnk -> %UserProfile%\Desktop\FL Studio 8.lnk -> [2008.12.09 18:19:24 | 00,000,659 | ---- | M] () Benzinverbrauch.doc -> %UserProfile%\Desktop\Benzinverbrauch.doc -> [2008.12.08 23:17:03 | 00,037,376 | ---- | M] () ~$nzinverbrauch.doc -> %UserProfile%\Desktop\~$nzinverbrauch.doc -> [2008.12.08 23:17:03 | 00,000,162 | -H-- | M] () Ndisprot.sys -> %SystemRoot%\System32\drivers\Ndisprot.sys -> [2008.12.08 18:48:45 | 00,027,904 | ---- | M] (Windows (R) Codename Longhorn DDK provider) rld-fm07.rar -> %UserProfile%\Desktop\rld-fm07.rar -> [2008.12.08 18:46:38 | 07,860,011 | ---- | M] () pro-fim07.mds -> %UserProfile%\Desktop\pro-fim07.mds -> [2008.12.08 18:35:09 | 00,033,362 | ---- | M] () setup903.zip -> %UserProfile%\Desktop\setup903.zip -> [2008.12.08 18:00:15 | 00,068,208 | ---- | M] () dirsaver.ini -> %SystemRoot%\dirsaver.ini -> [2008.12.08 14:43:05 | 00,000,012 | ---- | M] () 
Quadratische_Funktionen_022_Benzin.doc -> %UserProfile%\Desktop\Quadratische_Funktionen_022_Benzin.doc -> [2008.12.08 14:21:12 | 00,044,032 | ---- | M] () 1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job -> [2008.12.05 17:15:00 | 00,000,408 | ---- | M] () Blatt_21.doc -> %UserProfile%\Desktop\Blatt_21.doc -> [2008.12.01 21:03:18 | 00,110,080 | ---- | M] () l_6e60053032b613436dcf1be6619ef6da.jpg -> %UserProfile%\Desktop\l_6e60053032b613436dcf1be6619ef6da.jpg -> [2008.11.30 22:41:43 | 00,003,623 | ---- | M] () l_075943f1fce88b8ad33445868e066140.jpg -> %UserProfile%\Desktop\l_075943f1fce88b8ad33445868e066140.jpg -> [2008.11.30 22:41:18 | 00,003,278 | ---- | M] () l_2725b51d3ee1d2c442e6fac97809f166.jpg -> %UserProfile%\Desktop\l_2725b51d3ee1d2c442e6fac97809f166.jpg -> [2008.11.30 22:40:38 | 00,004,612 | ---- | M] () sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [2008.11.30 17:59:10 | 00,000,268 | -H-- | M] () sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [2008.11.30 17:59:10 | 00,000,244 | -H-- | M] () wp.ini -> %SystemRoot%\wp.ini -> [2008.11.26 21:35:57 | 00,000,019 | ---- | M] () wp2.ini -> %SystemRoot%\wp2.ini -> [2008.11.26 21:35:53 | 00,002,303 | ---- | M] () Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2008.11.26 19:23:13 | 00,001,566 | ---- | M] () Divided Soul (song).doc -> %UserProfile%\Eigene Dateien\Divided Soul (song).doc -> [2008.11.26 18:20:11 | 00,031,232 | ---- | M] () Blatt_20.doc -> %UserProfile%\Desktop\Blatt_20.doc -> [2008.11.26 17:57:58 | 00,133,632 | ---- | M] () Divided Soul.doc -> %UserProfile%\Eigene Dateien\Divided Soul.doc -> [2008.11.24 22:41:06 | 00,020,992 | ---- | M] () 4_e.doc -> %UserProfile%\Desktop\4_e.doc -> [2008.11.24 20:36:03 | 00,019,968 | ---- | M] () GDIPFONTCACHEV1.DAT -> %UserProfile%\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT -> [2008.11.24 19:37:56 | 00,044,032 | ---- | M] () 4_d.doc -> %UserProfile%\Desktop\4_d.doc -> [2008.11.24 18:35:52 | 00,017,920 | ---- | 
M] () Blatt19_4.1_c_.doc -> %UserProfile%\Desktop\Blatt19_4.1_c_.doc -> [2008.11.24 18:35:34 | 00,020,480 | ---- | M] () Blatt19_4a_.doc -> %UserProfile%\Desktop\Blatt19_4a_.doc -> [2008.11.24 18:35:08 | 00,024,576 | ---- | M] () Blatt19_4.1_b_.doc -> %UserProfile%\Desktop\Blatt19_4.1_b_.doc -> [2008.11.24 18:34:39 | 00,024,576 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008.11.24 16:56:26 | 00,124,928 | ---- | M] () IconCache.db -> %UserProfile%\Lokale Einstellungen\Anwendungsdaten\IconCache.db -> [2008.11.23 19:58:06 | 03,177,158 | -H-- | M] () sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [2008.11.22 23:17:00 | 00,000,244 | -H-- | M] () sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [2008.11.22 23:17:00 | 00,000,232 | -H-- | M] () Alarmstufe Rot 2.lnk -> %AllUsersProfile%\Desktop\Alarmstufe Rot 2.lnk -> [2008.11.22 16:43:58 | 00,000,592 | ---- | M] () FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008.11.22 11:00:23 | 00,196,960 | ---- | M] () V.I.N.C.E_-_Melancholie__Album_.rar -> %UserProfile%\Desktop\V.I.N.C.E_-_Melancholie__Album_.rar -> [2008.11.15 14:55:18 | 46,767,449 | ---- | M] () [File - Lop Check] Anwendungsdaten -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten -> [2008.12.14 03:20:22 | 00,000,000 | -H-D | M] Ahead -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ahead -> [2008.03.31 20:40:20 | 00,000,000 | ---D | M] Atari -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Atari -> [2007.08.12 23:49:13 | 00,000,000 | ---D | M] AVGTOOLBAR -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\AVGTOOLBAR -> [2008.12.14 03:30:39 | 00,000,000 | ---D | M] CyberLink -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\CyberLink -> [2007.04.08 19:30:39 | 00,000,000 | ---D | M] Deckadance -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Deckadance -> 
[2008.12.09 21:00:39 | 00,000,000 | ---D | M] DriveCleaner 2006 Free -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DriveCleaner 2006 Free -> [2007.03.26 14:06:14 | 00,000,000 | ---D | M] dvdcss -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\dvdcss -> [2007.07.26 10:55:55 | 00,000,000 | ---D | M] GetRightToGo -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\GetRightToGo -> [2007.05.17 12:13:34 | 00,000,000 | ---D | M] gtk-2.0 -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\gtk-2.0 -> [2008.11.03 18:26:29 | 00,000,000 | ---D | M] ICQ -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ -> [2007.07.10 21:22:01 | 00,000,000 | ---D | M] ICQ Toolbar -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ Toolbar -> [2007.07.07 15:01:02 | 00,000,000 | ---D | M] Leadertech -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Leadertech -> [2007.03.26 20:34:50 | 00,000,000 | ---D | M] LimeWire -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\LimeWire -> [2008.12.14 02:21:39 | 00,000,000 | ---D | M] Lionhead Studios -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lionhead Studios -> [2008.01.19 18:33:29 | 00,000,000 | ---D | M] MegauploadToolbar -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\MegauploadToolbar -> [2008.12.14 23:08:28 | 00,000,000 | ---D | M] Ordner HP Share-to-Web -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ordner HP Share-to-Web -> [2008.01.11 21:12:29 | 00,000,000 | ---D | M] PRODEGETOOLBAR660 -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PRODEGETOOLBAR660 -> [2008.08.18 18:09:06 | 00,000,000 | ---D | M] Propellerhead Software -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Propellerhead Software -> [2008.12.09 22:02:38 | 00,000,000 | ---D | M] SecondLife -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SecondLife -> [2008.10.21 00:26:31 | 
00,000,000 | ---D | M] SecuROM -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SecuROM -> [2007.01.04 23:55:48 | 00,000,000 | RH-D | M] Shareaza -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Shareaza -> [2008.11.07 18:38:06 | 00,000,000 | ---D | M] teamspeak2 -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\teamspeak2 -> [2008.09.13 20:07:59 | 00,000,000 | ---D | M] temp -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\temp -> [2008.12.13 23:27:06 | 00,000,000 | ---D | M] TuneUp Software -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software -> [2006.12.21 23:03:30 | 00,000,000 | ---D | M] UseNeXT -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\UseNeXT -> [2008.08.18 18:09:02 | 00,000,000 | ---D | M] uTorrent -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\uTorrent -> [2008.12.13 21:48:35 | 00,000,000 | ---D | M] Viewpoint -> C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Viewpoint -> [2008.04.25 19:51:42 | 00,000,000 | ---D | M] Anwendungsdaten -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten -> [2008.12.14 20:59:30 | 00,000,000 | RH-D | M] {B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} -> [2008.10.25 21:56:58 | 00,000,000 | ---D | M] CyberLink -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CyberLink -> [2006.12.21 23:24:23 | 00,000,000 | ---D | M] Firefly Studios -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios -> [2008.08.18 18:12:20 | 00,000,000 | ---D | M] Intel -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intel -> [2007.05.17 12:13:31 | 00,000,000 | ---D | M] Kaspersky Anti-Virus Personal Pro -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal Pro -> [2007.02.20 23:12:25 | 00,000,000 | ---D | M] Lionhead Studios -> C:\Dokumente und 
Einstellungen\All Users\Anwendungsdaten\Lionhead Studios -> [2008.08.18 18:05:15 | 00,000,000 | ---D | M] Propellerhead Software -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Propellerhead Software -> [2008.12.09 22:02:18 | 00,000,000 | ---D | M] Stupid Vc Soft Defy -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stupid Vc Soft Defy -> [2007.10.19 10:47:30 | 00,000,000 | ---D | M] TEMP -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP -> [2008.12.14 22:34:11 | 00,000,000 | ---D | M] TrackMania -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania -> [2008.08.18 18:05:29 | 00,000,000 | ---D | M] Trymedia -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Trymedia -> [2007.03.28 18:03:31 | 00,000,000 | ---D | M] TuneUp Software -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software -> [2006.12.21 23:03:24 | 00,000,000 | ---D | M] Viewpoint -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint -> [2008.04.25 14:01:40 | 00,000,000 | ---D | M] Windows Live Toolbar -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Live Toolbar -> [2007.04.15 20:03:29 | 00,000,000 | ---D | M] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [2008.02.14 07:22:45 | 00,000,000 | --SD | M] 1-Klick-Wartung.job -> C:\WINDOWS\Tasks\1-Klick-Wartung.job -> [2008.12.05 17:15:00 | 00,000,408 | ---- | M] () Auf Updates für Windows Live Toolbar prüfen.job -> C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job -> [2008.12.14 22:15:01 | 00,000,248 | ---- | M] () desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2006.06.01 20:06:00 | 00,000,065 | RH-- | M] () Norton Security Scan.job -> C:\WINDOWS\Tasks\Norton Security Scan.job -> [2008.12.12 18:00:00 | 00,000,394 | ---- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2008.12.14 21:25:06 | 00,000,006 | -H-- | M] () [File - Purity Scan] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... 
scanning hidden services & system hive ...
disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...
disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Dokumente und Einstellungen\Administrator\ntuser.dat, 0
scanning hidden files ...
disk error: C:\WINDOWS\
please note that you need administrator rights to perform deep scan
< Document and Settings folder & sub folders >
scanning hidden files ...
disk error: C:\Dokumente und Einstellungen\
please note that you need administrator rights to perform deep scan
[Alternate Data Streams]
@Alternate Data Stream - 16 bytes -> %UserProfile%\Eigene Dateien\Shareaza Downloads:Shareaza.GUID
@Alternate Data Stream - 106 bytes -> %AllUsersProfile%\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 0 bytes -> %UserProfile%\Eigene Dateien\Thumbs.db:encryptable
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable
< End of report >
[/code]