Her you go, I hope you find the little devil...
OTViewIt logfile created on: 01.09.2008 21:09:07 - Run 1
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Dokumente und Einstellungen\Saturn\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
446,17 Mb Total Physical Memory | 149,60 Mb Available Physical Memory | 33,53% Memory free
1,03 Gb Paging File | 0,72 Gb Available in Paging File | 69,62% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 18,42 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
Drive D: | 1,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SONIASLAPTOP
Current User Name: Saturn
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
===== Processes - Non-Microsoft Only =====
[07.19.2008 04:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
[07.19.2008 04:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashServ.exe
[07.08.2005 12:13 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe
[10.15.2004 12:28 AM | 00,098,394 | ---- | M] (Synaptics, Inc.) - C:\Programme\Synaptics\SynTP\SynTPLpr.exe
[10.15.2004 12:26 AM | 00,688,218 | ---- | M] (Synaptics, Inc.) - C:\Programme\Synaptics\SynTP\SynTPEnh.exe
[07.19.2008 04:38 PM | 00,078,008 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashDisp.exe
[09.06.2007 01:28 PM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[10.15.2005 03:29 PM | 00,088,203 | ---- | M] (Agere Systems) - C:\WINDOWS\agrsmmsg.exe
[08.05.2005 10:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.) - C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
[01.18.2005 01:38 AM | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
[09.15.2006 07:05 AM | 00,348,160 | ---- | M] (Juniper Networks) - C:\Programme\Juniper Networks\Common Files\dsNcService.exe
[08.03.2005 05:15 PM | 00,040,960 | ---- | M] (TOSHIBA Corporation) - C:\WINDOWS\system32\TPSBattM.exe
[08.10.2005 11:15 AM | 00,035,328 | ---- | M] (TOSHIBA Corp.) - C:\Programme\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
[07.19.2008 04:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
[07.23.2008 04:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
===== Win32 Services - Non-Microsoft Only =====
(ACS) Atheros-Konfigurationsdienst [Auto | Running]
[07.08.2005 12:13 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe
(Apple Mobile Device) Apple Mobile Device [Auto | Running]
[09.06.2007 01:28 PM | 00,110,592 | ---- | M] (Apple, Inc.) - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(aswUpdSv) avast! iAVS4 Control Service [Auto | Running]
[07.19.2008 04:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
(avast! Antivirus) avast! Antivirus [Auto | Running]
[07.19.2008 04:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashServ.exe
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running]
[07.19.2008 04:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running]
[07.23.2008 04:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
(CFSvcs) ConfigFree Service [Auto | Running]
[01.18.2005 01:38 AM | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
(DirMS_Defragmentation) DirMS_Defragmentation [On_Demand | Stopped]
[11.27.2006 07:48 AM | 00,245,760 | ---- | M] () - C:\Programme\MATCO\DirmsService.exe
(dsNcService) Juniper Network Connect Service [Auto | Running]
[09.15.2006 07:05 AM | 00,348,160 | ---- | M] (Juniper Networks) - C:\Programme\Juniper Networks\Common Files\dsNcService.exe
(HealthMonitor) HealthMonitor [Disabled | Stopped]
[04.27.2006 11:46 AM | 00,024,576 | ---- | M] (Vittorio Pavesi) - C:\Programme\HealthMonitor\HealthMonitor.exe
(TAPPSRV) TOSHIBA Application Service [Auto | Running]
[08.10.2005 11:15 AM | 00,035,328 | ---- | M] (TOSHIBA Corp.) - C:\Programme\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
===== Driver Services - Non-Microsoft Only =====
(Aavmker4) avast! Asynchronous Virus Monitor [System | Running]
[07.19.2008 04:32 PM | 00,026,944 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aavmker4.sys
(AgereSoftModem) TOSHIBA V92 Software Modem [On_Demand | Running]
[11.15.2005 06:00 PM | 01,122,656 | ---- | M] (Agere Systems) - C:\WINDOWS\system32\drivers\AGRSM.sys
(AR5211) Atheros Wireless Network Adapter Service [On_Demand | Running]
[09.12.2005 08:08 PM | 00,468,736 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys
(aswFsBlk) aswFsBlk [Auto | Running]
[07.19.2008 04:37 PM | 00,020,560 | ---- | M] (ALWIL Software) - C:\WINDOWS\system32\drivers\aswFsBlk.sys
(aswMon2) avast! Standard Shield Support [Auto | Running]
[07.19.2008 04:37 PM | 00,094,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswmon2.sys
(aswRdr) aswRdr [On_Demand | Running]
[07.19.2008 04:33 PM | 00,023,152 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswRdr.sys
(aswSP) avast! Self Protection [System | Running]
[07.19.2008 04:35 PM | 00,078,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswSP.sys
(aswTdi) avast! Network Shield Support [System | Running]
[07.19.2008 04:32 PM | 00,042,912 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswTdi.sys
(catchme) catchme [On_Demand | Stopped]
File not found - C:\DOKUME~1\Saturn\LOKALE~1\Temp\catchme.sys
(CVirtA) Cisco Systems VPN Adapter [On_Demand | Stopped]
[05.01.2003 01:26 PM | 00,005,220 | R--- | M] (Cisco Systems, Inc.) - C:\WINDOWS\system32\drivers\CVirtA.sys
(DAdderFltr) DeathAdder Mouse [On_Demand | Stopped]
[11.14.2006 04:29 PM | 00,022,144 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) - C:\WINDOWS\system32\drivers\dadder.sys
(dsNcAdpt) Juniper Network Connect Adapter [On_Demand | Running]
[09.15.2006 07:05 AM | 00,023,552 | ---- | M] (Juniper Networks) - C:\WINDOWS\system32\drivers\dsNcAdpt.sys
(dtscsi) dtscsi [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\Drivers\dtscsi.sys
(FreeOTFE) FreeOTFE [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFE.sys
(FreeOTFECypherAES_Gladman) FreeOTFECypherAES_Gladman [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherAES_Gladman.sys
(FreeOTFECypherAES_ltc) FreeOTFECypherAES_ltc [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherAES_ltc.sys
(FreeOTFECypherBlowfish) FreeOTFECypherBlowfish [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherBlowfish.sys
(FreeOTFECypherCAST5) FreeOTFECypherCAST5 [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherCAST5.sys
(FreeOTFECypherCAST6_Gladman) FreeOTFECypherCAST6_Gladman [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherCAST6_Gladman.sys
(FreeOTFECypherDES) FreeOTFECypherDES [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherDES.sys
(FreeOTFECypherNull) FreeOTFECypherNull [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherNull.sys
(FreeOTFECypherRC6_Gladman) FreeOTFECypherRC6_Gladman [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherRC6_Gladman.sys
(FreeOTFECypherRC6_ltc) FreeOTFECypherRC6_ltc [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherRC6_ltc.sys
(FreeOTFECypherSerpent_Gladman) FreeOTFECypherSerpent_Gladman [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherSerpent_Gladman.sys
(FreeOTFECypherTwofish_Gladman) FreeOTFECypherTwofish_Gladman [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherTwofish_Gladman.sys
(FreeOTFECypherTwofish_HifnCS) FreeOTFECypherTwofish_HifnCS [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherTwofish_HifnCS.sys
(FreeOTFECypherTwofish_ltc) FreeOTFECypherTwofish_ltc [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherTwofish_ltc.sys
(FreeOTFECypherXOR) FreeOTFECypherXOR [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFECypherXOR.sys
(FreeOTFEHashMD) FreeOTFEHashMD [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashMD.sys
(FreeOTFEHashNull) FreeOTFEHashNull [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashNull.sys
(FreeOTFEHashRIPEMD) FreeOTFEHashRIPEMD [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashRIPEMD.sys
(FreeOTFEHashSHA) FreeOTFEHashSHA [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashSHA.sys
(FreeOTFEHashTiger) FreeOTFEHashTiger [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashTiger.sys
(FreeOTFEHashWhirlpool) FreeOTFEHashWhirlpool [On_Demand | Stopped]
File not found - F:\FreeOTFE\FreeOTFEHashWhirlpool.sys
(Netdevio) TOSHIBA Network Device Usermode I/O Protocol [Auto | Running]
[01.29.2003 11:35 PM | 00,012,032 | ---- | M] (TOSHIBA Corporation.) - C:\WINDOWS\system32\drivers\Netdevio.sys
(PNDIS5) PNDIS5 NDIS Protocol Driver [On_Demand | Stopped]
File not found - D:\PNDIS5.SYS
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [On_Demand | Stopped]
[03.04.2005 08:10 PM | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) - C:\WINDOWS\system32\drivers\Rtlnicxp.sys
(rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter [On_Demand | Stopped]
[08.03.2004 11:31 PM | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) - C:\WINDOWS\system32\drivers\RTL8139.sys
(sptd) sptd [Boot | Running]
[09.13.2007 09:05 PM | 00,685,816 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys
(SYMIDSCO) SYMIDSCO [On_Demand | Stopped]
File not found - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\idsdefs\20060807.097\symidsco.sys
(SynTP) Synaptics TouchPad Driver [On_Demand | Running]
[10.15.2004 12:14 AM | 00,185,728 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys
(TVALD) Toshiba Mobile PC Service [On_Demand | Running]
[10.20.2005 03:03 PM | 00,006,144 | ---- | M] (Toshiba Corporation) - C:\WINDOWS\system32\drivers\NBSMI.sys
(Tvs) TOSHIBA Virtual Sound with SRS technologies [On_Demand | Running]
[11.30.2005 12:01 PM | 00,043,392 | ---- | M] (TOSHIBA Corporation) - C:\WINDOWS\system32\drivers\Tvs.sys
========== Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG" = "C:\WINDOWS\AGRSMMSG.exe" [10.15.2005 03:29 PM | 00,088,203 | ---- | M] (Agere Systems)
"ATIPTA" = C:\PROGRAMME\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE [08.05.2005 10:05 PM | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
"avast!" = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [07.19.2008 04:38 PM | 00,078,008 | ---- | M] (ALWIL Software)
"RTHDCPL" = RTHDCPL.EXE [11.10.2005 08:14 PM | 15,473,664 | ---- | M] (Realtek Semiconductor Corp.)
"SynTPEnh" = C:\Programme\Synaptics\SynTP\SynTPEnh.exe [10.15.2004 12:26 AM | 00,688,218 | ---- | M] (Synaptics, Inc.)
"SynTPLpr" = C:\Programme\Synaptics\SynTP\SynTPLpr.exe [10.15.2004 12:28 AM | 00,098,394 | ---- | M] (Synaptics, Inc.)
"TPSMain" = "C:\WINDOWS\system32\TPSMain.exe" [08.03.2005 05:16 PM | 00,266,240 | ---- | M] (TOSHIBA Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Key does not exist or could not be opened.
"run" = Reg Error: Key does not exist or could not be opened.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.
========== Startup Folders ==========
[All Users Startup Folder - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
[Saturn Startup Folder - C:\Dokumente und Einstellungen\Saturn\Startmenü\Programme\Autostart]
========== BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Link Helper) - [12.18.2006 05:16 AM | 00,059,032 | ---- | M] (Adobe Systems Incorporated) C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06.10.2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
========== Toolbars ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
"{C4069E3A-68F1-403E-B40E-20066696354B}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.
========== AppInit_Dlls ==========
========== HKLM Security Providers ==========
========== HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [06.13.2007 03:21 PM | 01,036,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\SYSTEM32\Userinit.exe" - [08.04.2004 03:00 PM | 00,025,088 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
"C:\WINDOWS\system32\oembios.exe" - [08.04.2004 03:00 PM | 00,136,704 | R--- | M] () C:\WINDOWS\system32\oembios.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [08.04.2004 03:00 PM | 00,515,072 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [10.25.2007 06:42 PM | 08,501,248 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [08.04.2004 03:00 PM | 00,303,104 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
========== User's Winlogon Settings ==========
========== Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DllName" = C:\WINDOWS\system32\ati2evxx.dll [08.04.2005 07:04 AM | 00,046,080 | ---- | M] (ATI Technologies Inc.)
========== Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"NoDispBackgroundPage" = 1
"NoDispScrSavPage" = 1
"disableregistrytools" = 0
========== Lsa Authentication Packages ==========
========== Lsa Security Packages ==========
========== Desktop Components ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "Die derzeitige Homepage"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"
========== Safeboot Options ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe
========== Disabled MsConfig Items ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
"ose" = 3
"O&O Defrag" = 2
"iPod Service" = 3
"HealthMonitor" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = C:\WINDOWS\Alcmtr.exe [05.04.2005 03:43 AM | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.)
"hkey" = HKLM
"command" = C:\WINDOWS\Alcmtr.exe [05.04.2005 03:43 AM | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PadTouch]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = PadExe
"hkey" = HKLM
"command" = C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe [08.30.2005 01:34 PM | 01,077,328 | ---- | M] (TOSHIBA)
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 2
"startup" = 2
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[12.05.2005 04:45 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b43f858-fae3-11da-8ffb-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13cb22b3-4f41-11dd-923d-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{255f6129-0db4-11db-9026-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3762d97a-f789-11da-8fec-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78d40111-0302-11dc-91d7-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ba26306-4bc8-11db-90ae-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{994ed6a9-f476-11da-8fde-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c09ffc4-4f1c-11dd-923c-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa940a54-14e7-11dd-921a-00a0d13ddbd3}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa940a55-14e7-11dd-921a-00a0d13ddbd3}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa940a56-14e7-11dd-921a-00a0d13ddbd3}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa940a57-14e7-11dd-921a-00a0d13ddbd3}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba4c10b6-f332-11da-8fdb-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb379e65-eca4-11da-8fcb-806d6172696f}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3d200b8-5229-11dd-923e-0016e324ee5e}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc2277f8-22bc-11db-9046-0016e324ee5e}\Shell]
"" = None
========== DNS Name Servers ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{251F8888-C33A-42CD-801E-32846FA2D6A1}]
Servers: | Description: 1394-Netzwerkadapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4CF82B47-C2C9-4B67-9BA6-F42C72C43656}]
Servers: | Description:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{594D937A-E2A3-424F-96F8-B80E240D74A4}]
Servers: | Description: Atheros AR5005G Wireless Network Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{5F73167E-47BC-4DBA-B5B7-0E21230D1A35}]
Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{97A7DF20-7957-4B6E-9D5B-C5338650C65D}]
Servers: | Description:
========== Hosts File ==========
HOSTS File = (845 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
127.0.0.1 microsoft.com
========== Files/Folders - Created Within 30 days ==========
[08.25.2008 10:15 AM | ---D | C] - C:\!KillBox
[09.01.2008 08:29 AM | ---D | C] - C:\_OTMoveIt
[22 C:\WINDOWS\System32\*.tmp files]
[08.24.2008 11:46 PM | 00,625,208 | ---- | C] () - C:\WINDOWS\System32\phc31pj0ej0c.bmp
[08.24.2008 11:46 PM | -HSD | C] - C:\WINDOWS\System32\sysproc64
[08.17.2008 03:35 PM | ---D | C] - C:\Dokumente und Einstellungen\All Users\Dokumente\sun
[08.17.2008 09:30 PM | ---D | C] - C:\Dokumente und Einstellungen\Saturn\Eigene Dateien\My Saved Games
[08.25.2008 08:17 AM | 00,099,262 | ---- | C] () - C:\Dokumente und Einstellungen\Saturn\Desktop\SmitfraudFix.zip
[08.25.2008 10:06 AM | 00,001,544 | ---- | C] () - C:\Dokumente und Einstellungen\Saturn\Desktop\HijackThis.lnk
[08.25.2008 10:07 AM | 00,092,672 | ---- | C] (Option^Explicit Software
[email protected]) - C:\Dokumente und Einstellungen\Saturn\Desktop\KillBox.exe
[08.25.2008 10:07 AM | 00,186,946 | ---- | C] (Business Information Solutions) - C:\Dokumente und Einstellungen\Saturn\Desktop\AntiPuper.exe
[08.25.2008 10:07 AM | 01,147,911 | ---- | C] (McAfee Inc.) - C:\Dokumente und Einstellungen\Saturn\Desktop\stinger3.exe
[08.25.2008 10:51 AM | 00,000,024 | ---- | C] () - C:\Dokumente und Einstellungen\Saturn\Desktop\stinger3.opt
[09.01.2008 08:17 AM | 02,840,693 | R--- | C] () - C:\Dokumente und Einstellungen\Saturn\Desktop\ComboFix.exe
[08.17.2008 01:54 PM | ---D | C] - C:\Programme\DOSBox-0.72
[08.17.2008 03:48 PM | ---D | C] - C:\Programme\OpenOffice.org 2.4
[08.24.2008 03:48 PM | ---D | C] - C:\Programme\VS Revo Group
[08.24.2008 08:49 PM | ---D | C] - C:\Programme\MATCO
[08.25.2008 10:06 AM | ---D | C] - C:\Programme\HijackThis
========== Files - Modified Within 30 days ==========
[09.01.2008 09:49 AM | 46,791,4752 | -HS- | M] () - C:\hiberfil.sys
[22 C:\WINDOWS\System32\*.tmp files]
[08.25.2008 01:23 AM | 00,205,248 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[08.25.2008 07:59 AM | 00,625,208 | ---- | M] () - C:\WINDOWS\System32\phc31pj0ej0c.bmp
[09.01.2008 08:11 AM | 00,001,158 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
[1 C:\WINDOWS\*.tmp files]
[08.15.2008 07:41 PM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[09.01.2008 09:50 AM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[08.13.2008 08:28 AM | 00,134,656 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08.24.2008 11:45 PM | 00,030,560 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[08.25.2008 11:09 AM | 01,574,570 | -H-- | M] () - C:\Dokumente und Einstellungen\Saturn\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[08.17.2008 06:00 PM | 00,002,121 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Desktop\iTunes.lnk
[08.25.2008 08:17 AM | 00,099,262 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Desktop\SmitfraudFix.zip
[08.25.2008 10:06 AM | 00,001,544 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Desktop\HijackThis.lnk
[08.25.2008 10:51 AM | 00,000,024 | ---- | M] () - C:\Dokumente und Einstellungen\Saturn\Desktop\stinger3.opt
[08.25.2008 10:53 AM | 00,092,672 | ---- | M] (Option^Explicit Software
[email protected]) - C:\Dokumente und Einstellungen\Saturn\Desktop\KillBox.exe
[08.25.2008 10:54 AM | 00,186,946 | ---- | M] (Business Information Solutions) - C:\Dokumente und Einstellungen\Saturn\Desktop\AntiPuper.exe
[08.25.2008 11:00 AM | 01,147,911 | ---- | M] (McAfee Inc.) - C:\Dokumente und Einstellungen\Saturn\Desktop\stinger3.exe
[09.01.2008 08:54 AM | 02,840,693 | R--- | M] () - C:\Dokumente und Einstellungen\Saturn\Desktop\ComboFix.exe
< End of report >
OTViewIt Extras logfile created on: 01.09.2008 21:09:07 - Run 1
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Dokumente und Einstellungen\Saturn\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
446,17 Mb Total Physical Memory | 149,60 Mb Available Physical Memory | 33,53% Memory free
1,03 Gb Paging File | 0,72 Gb Available in Paging File | 69,62% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 18,42 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
Drive D: | 1,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08.04.2004 03:00 PM | 00,142,848 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[10.10.2006 02:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[08.04.2004 03:00 PM | 00,142,848 | ---- | M] (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[10.10.2006 02:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)
"C:\Programme\FileZilla\FileZilla.exe" = C:\Programme\FileZilla\FileZilla.exe:*:Enabled:FileZilla
File not found
"C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe" = C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX
File not found
"C:\Programme\Soulseek\slsk.exe" = C:\Programme\Soulseek\slsk.exe:*:Enabled:SoulSeek
[04.18.2005 12:08 AM | 03,112,960 | ---- | M] ()
"C:\Programme\Last.fm\LastFM.exe" = C:\Programme\Last.fm\LastFM.exe:*:Enabled:LastFM
[05.28.2008 04:13 PM | 01,138,688 | ---- | M] (Last.fm)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[07.03.2008 04:25 AM | 00,307,712 | ---- | M] (Mozilla Corporation)
"C:\Programme\Macromedia\FreeHand MX\FreeHand MX.exe" = C:\Programme\Macromedia\FreeHand MX\FreeHand MX.exe:*:Enabled:FreeHand MX
[02.03.2003 12:46 AM | 06,901,760 | ---- | M] ()
"C:\Programme\Opera\Opera.exe" = C:\Programme\Opera\Opera.exe:*:Enabled:Opera Internet Browser
[06.11.2008 08:16 PM | 00,098,816 | ---- | M] (Opera Software)
"C:\Programme\JAlbum 6.5\JAlbumWin.exe" = C:\Programme\JAlbum 6.5\JAlbumWin.exe:*:Enabled:JAlbumWin
[09.28.2006 02:34 PM | 21,112,832 | ---- | M] ()
"C:\Programme\Macromedia\Flash MX\Flash.exe" = C:\Programme\Macromedia\Flash MX\Flash.exe:*:Enabled:Flash 6.0 r25
[03.07.2002 09:30 PM | 12,173,312 | ---- | M] (Macromedia, Inc.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console
[08.04.2004 03:00 PM | 00,143,360 | ---- | M] (Microsoft Corporation)
"C:\Programme\Joost\xulrunner\tvprunner.exe" = C:\Programme\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner
File not found
"C:\WINDOWS\system32\ElectricSheep.scr" = C:\WINDOWS\system32\ElectricSheep.scr:*:Enabled:ElectricSheep
File not found
"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer
[06.23.2008 11:20 AM | 00,625,664 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary
[06.10.2008 01:21 AM | 00,135,168 | ---- | M] (Sun Microsystems, Inc.)
"D:\Setup.exe" = D:\Setup.exe:*:Enabled:Setup
File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes
[06.02.2008 11:13 AM | 20,638,504 | ---- | M] (Apple Inc.)
"C:\WINDOWS\system32\drivers\svchost.exe" = C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost
File not found
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.html [@ = FirefoxHTML] - [07.03.2008 04:25 AM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Programme\Mozilla Firefox\firefox.exe
.js [@ = Reg Error: Value does not exist or could not be read.] - File not found - Reg Error: Key does not exist or could not be opened.
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" /S
========== Winsock2 Catalogs ==========
========== HKEY_LOCAL_MACHINE Protocol Defaults ==========
========== HKEY_CURRENT_USER Protocol Defaults ==========
========== Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]
========== Protocol Filters ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{10236EC6-5F49-4DD7-B1F2-AC4BE23B0442}_is1" = FastCrawl Version 1.03
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2500_series" = Canon iP2500 series
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{311F799A-FCE9-4D9E-B5D2-CBB8859B40BB}" = Microsoft XNA Framework Redistributable 1.0 Refresh
"{3154B949-F183-4C31-9693-1F97DB3CF68C}_is1" = SEPY ActionScript Editor
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3EB6332B-AF02-457C-A31C-835458C5B48B}" = TOSHIBA Benutzerhandbücher
"{43721D86-16D1-46BF-8353-37CD82333BC3}" = OpenOffice.org 2.4
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{4B1FA220-DF45-47E0-A3B5-F2576C801489}" = "WPF/E" (codename) Community Technology Preview (Dec 2006)
"{56F6A91D-46D4-4919-ABE6-55BD17DEB039}" = SweetMovieLife 1.0E
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}" = Atheros Client Utility
"{7472B5B4-3FB7-446F-BC78-6BBA506EC473}" = Opera 9.50
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = MacromediaDreamweaver MX
"{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{91057632-CA70-413C-B628-2D3CDBBB906B}" = Macromedia Flash Player 8 Plugin
"{91A10407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9F70BF98-003C-491D-81FC-FF9792206AF0}" = iTunes
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D1014B9B-5704-4B27-B581-1C19B72528D1}" = Panasonic DVC USB Driver
"{E07C71A6-1576-4F7F-8856-B1C439E669AC}" = MotionDV STUDIO 5.6E LE for DV
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = DeathAdder Mouse
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F81B7B81-6458-4A38-A261-BC163E16EB8B}" = DirMS-S
"7-Zip" = 7-Zip 4.42
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"All ATI Software" = ATI - Software Uninstall Utility
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"AstroWorld 2003 Millennium" = AstroWorld 2003 Millennium
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BLOCKSUM_is1" = Uninstall BLOCKSUM
"Canon iP2500 series Benutzerregistrierung" = Canon iP2500 series Benutzerregistrierung
"CCleaner" = CCleaner (remove only)
"CCS64 V3.1" = CCS64 V3.1
"CDisplay_is1" = CDisplay 1.8
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"dm Fotowelt" = dm Fotowelt
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"FileZilla Client" = FileZilla Client 3.0.2.1
"Flickr Uploadr" = Flickr Uploadr 2.5.0.15
"Foxit Reader" = Foxit Reader
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GTK 2.0" = GTK+ Runtime 2.10.13 rev a (nur entfernen)
"HealthMonitor" = HealthMonitor 3.1
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InfraRecorder" = InfraRecorder
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"InstallShield_{D1014B9B-5704-4B27-B581-1C19B72528D1}" = Panasonic DVC USB Driver
"iScrobbler" = iScrobbler
"JAlbum_0" = JAlbum 6.5
"Juniper Network Connect 5.3.0" = Juniper Networks Network Connect 5.3.0
"KB873333" = Windows XP-Hotfix - KB873333
"KB873339" = Windows XP-Hotfix - KB873339
"KB884018" = Windows XP-Hotfix - KB884018
"KB885250" = Windows XP-Hotfix - KB885250
"KB885835" = Windows XP-Hotfix - KB885835
"KB885836" = Windows XP-Hotfix - KB885836
"KB885855" = Windows XP-Hotfix - KB885855
"KB886185" = Windows XP-Hotfix - KB886185
"KB887472" = Windows XP-Hotfix - KB887472
"KB887742" = Windows XP-Hotfix - KB887742
"KB888111WXPSP2" = High Definition Audio Driver Package - KB888111
"KB888113" = Windows XP-Hotfix - KB888113
"KB888302" = Windows XP-Hotfix - KB888302
"KB889673" = Windows XP-Hotfix - KB889673
"KB890046" = Sicherheitsupdate für Windows XP (KB890046)
"KB890175" = Windows XP-Hotfix - KB890175
"KB890859" = Windows XP-Hotfix - KB890859
"KB891781" = Windows XP-Hotfix - KB891781
"KB893056" = Windows XP-Hotfix - KB893056
"KB893066" = Sicherheitsupdate für Windows XP (KB893066)
"KB893357" = Hotfix für Windows XP (KB893357)
"KB893756" = Sicherheitsupdate für Windows XP (KB893756)
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB894391" = Update für Windows XP (KB894391)
"KB894871" = Hotfix für Windows XP (KB894871)
"KB895200" = Windows XP-Hotfix - KB895200
"KB896358" = Sicherheitsupdate für Windows XP (KB896358)
"KB896422" = Sicherheitsupdate für Windows XP (KB896422)
"KB896423" = Sicherheitsupdate für Windows XP (KB896423)
"KB896424" = Sicherheitsupdate für Windows XP (KB896424)
"KB896428" = Sicherheitsupdate für Windows XP (KB896428)
"KB896688" = Sicherheitsupdate für Windows XP (KB896688)
"KB898458" = Sicherheitsupdate für Step by Step Interactive Training (KB898458)
"KB898461" = Update für Windows XP (KB898461)
"KB899587" = Sicherheitsupdate für Windows XP (KB899587)
"KB899589" = Sicherheitsupdate für Windows XP (KB899589)
"KB899591" = Sicherheitsupdate für Windows XP (KB899591)
"KB900485" = Update für Windows XP (KB900485)
"KB900725" = Sicherheitsupdate für Windows XP (KB900725)
"KB901017" = Sicherheitsupdate für Windows XP (KB901017)
"KB901214" = Sicherheitsupdate für Windows XP (KB901214)
"KB902400" = Sicherheitsupdate für Windows XP (KB902400)
"KB904706" = Sicherheitsupdate für Windows XP (KB904706)
"KB904942" = Update für Windows XP (KB904942)
"KB905414" = Sicherheitsupdate für Windows XP (KB905414)
"KB905749" = Sicherheitsupdate für Windows XP (KB905749)
"KB908519" = Sicherheitsupdate für Windows XP (KB908519)
"KB908531" = Update für Windows XP (KB908531)
"KB910437" = Update für Windows XP (KB910437)
"KB911280" = Sicherheitsupdate für Windows XP (KB911280)
"KB911562" = Sicherheitsupdate für Windows XP (KB911562)
"KB911564" = Sicherheitsupdate für Windows Media Player (KB911564)
"KB911565" = Sicherheitsupdate für Windows Media Player 10 (KB911565)
"KB911567" = Sicherheitsupdate für Windows XP (KB911567)
"KB911927" = Sicherheitsupdate für Windows XP (KB911927)
"KB912812" = Sicherheitsupdate für Windows XP (KB912812)
"KB912919" = Sicherheitsupdate für Windows XP (KB912919)
"KB913446" = Sicherheitsupdate für Windows XP (KB913446)
"KB913580" = Sicherheitsupdate für Windows XP (KB913580)
"KB914388" = Sicherheitsupdate für Windows XP (KB914388)
"KB914389" = Sicherheitsupdate für Windows XP (KB914389)
"KB914440" = Hotfix für Windows XP (KB914440)
"KB915865" = Hotfix für Windows XP (KB915865)
"KB916281" = Sicherheitsupdate für Windows XP (KB916281)
"KB916595" = Update für Windows XP (KB916595)
"KB917159" = Sicherheitsupdate für Windows XP (KB917159)
"KB917344" = Sicherheitsupdate für Windows XP (KB917344)
"KB917422" = Sicherheitsupdate für Windows XP (KB917422)
"KB917953" = Sicherheitsupdate für Windows XP (KB917953)
"KB918118" = Sicherheitsupdate für Windows XP (KB918118)
"KB918439" = Sicherheitsupdate für Windows XP (KB918439)
"KB919007" = Sicherheitsupdate für Windows XP (KB919007)
"KB920213" = Sicherheitsupdate für Windows XP (KB920213)
"KB920214" = Sicherheitsupdate für Windows XP (KB920214)
"KB920670" = Sicherheitsupdate für Windows XP (KB920670)
"KB920683" = Sicherheitsupdate für Windows XP (KB920683)
"KB920685" = Sicherheitsupdate für Windows XP (KB920685)
"KB920872" = Update für Windows XP (KB920872)
"KB921398" = Sicherheitsupdate für Windows XP (KB921398)
"KB921503" = Sicherheitsupdate für Windows XP (KB921503)
"KB921883" = Sicherheitsupdate für Windows XP (KB921883)
"KB922582" = Update für Windows XP (KB922582)
"KB922616" = Sicherheitsupdate für Windows XP (KB922616)
"KB922819" = Sicherheitsupdate für Windows XP (KB922819)
"KB923191" = Sicherheitsupdate für Windows XP (KB923191)
"KB923414" = Sicherheitsupdate für Windows XP (KB923414)
"KB923694" = Sicherheitsupdate für Windows XP (KB923694)
"KB923723" = Sicherheitsupdate für Step by Step Interactive Training (KB923723)
"KB923980" = Sicherheitsupdate für Windows XP (KB923980)
"KB924191" = Sicherheitsupdate für Windows XP (KB924191)
"KB924270" = Sicherheitsupdate für Windows XP (KB924270)
"KB924496" = Sicherheitsupdate für Windows XP (KB924496)
"KB924667" = Sicherheitsupdate für Windows XP (KB924667)
"KB925398_WMP64" = Sicherheitsupdate für Windows Media Player 6.4 (KB925398)
"KB925902" = Sicherheitsupdate für Windows XP (KB925902)
"KB926239" = Hotfix for Windows XP (KB926239)
"KB926255" = Sicherheitsupdate für Windows XP (KB926255)
"KB926436" = Sicherheitsupdate für Windows XP (KB926436)
"KB927779" = Sicherheitsupdate für Windows XP (KB927779)
"KB927802" = Sicherheitsupdate für Windows XP (KB927802)
"KB927891" = Update für Windows XP (KB927891)
"KB928090-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)
"KB928255" = Sicherheitsupdate für Windows XP (KB928255)
"KB928843" = Sicherheitsupdate für Windows XP (KB928843)
"KB929123" = Sicherheitsupdate für Windows XP (KB929123)
"KB929338" = Update für Windows XP (KB929338)
"KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
"KB929969" = Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)
"KB930178" = Sicherheitsupdate für Windows XP (KB930178)
"KB930916" = Update für Windows XP (KB930916)
"KB931261" = Sicherheitsupdate für Windows XP (KB931261)
"KB931768-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)
"KB931784" = Sicherheitsupdate für Windows XP (KB931784)
"KB931836" = Update für Windows XP (KB931836)
"KB932168" = Sicherheitsupdate für Windows XP (KB932168)
"KB932823-v3" = Update für Windows XP (KB932823-v3)
"KB933360" = Update für Windows XP (KB933360)
"KB933566-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)
"KB933729" = Sicherheitsupdate für Windows XP (KB933729)
"KB935448" = Hotfix für Windows XP (KB935448)
"KB935839" = Sicherheitsupdate für Windows XP (KB935839)
"KB935840" = Sicherheitsupdate für Windows XP (KB935840)
"KB936021" = Sicherheitsupdate für Windows XP (KB936021)
"KB936357" = Update für Windows XP (KB936357)
"KB936782_WMP11" = Sicherheitsupdate für Windows Media Player 11 (KB936782)
"KB937143-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)
"KB938127-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)
"KB938828" = Update für Windows XP (KB938828)
"KB938829" = Sicherheitsupdate für Windows XP (KB938829)
"KB939653-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)
"KB939683" = Hotfix für Windows Media Player 11 (KB939683)
"KB941202" = Sicherheitsupdate für Windows XP (KB941202)
"KB941568" = Sicherheitsupdate für Windows XP (KB941568)
"KB941569" = Sicherheitsupdate für Windows XP (KB941569)
"KB941644" = Sicherheitsupdate für Windows XP (KB941644)
"KB941693" = Sicherheitsupdate für Windows XP (KB941693)
"KB942615-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)
"KB942763" = Update für Windows XP (KB942763)
"KB943055" = Sicherheitsupdate für Windows XP (KB943055)
"KB943460" = Sicherheitsupdate für Windows XP (KB943460)
"KB943485" = Sicherheitsupdate für Windows XP (KB943485)
"KB944533-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)
"KB944653" = Sicherheitsupdate für Windows XP (KB944653)
"KB945553" = Sicherheitsupdate für Windows XP (KB945553)
"KB946026" = Sicherheitsupdate für Windows XP (KB946026)
"KB947864-IE7" = Hotfix für Windows Internet Explorer 7 (KB947864)
"KB948590" = Sicherheitsupdate für Windows XP (KB948590)
"KB948881" = Sicherheitsupdate für Windows XP (KB948881)
"KB950749" = Sicherheitsupdate für Windows XP (KB950749)
"KB950759-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)
"KB950760" = Sicherheitsupdate für Windows XP (KB950760)
"KB950762" = Sicherheitsupdate für Windows XP (KB950762)
"KB950974" = Sicherheitsupdate für Windows XP (KB950974)
"KB951066" = Sicherheitsupdate für Windows XP (KB951066)
"KB951072-v2" = Update für Windows XP (KB951072-v2)
"KB951376" = Sicherheitsupdate für Windows XP (KB951376)
"KB951376-v2" = Sicherheitsupdate für Windows XP (KB951376-v2)
"KB951698" = Sicherheitsupdate für Windows XP (KB951698)
"KB951748" = Sicherheitsupdate für Windows XP (KB951748)
"KB952287" = Hotfix für Windows XP (KB952287)
"KB952954" = Sicherheitsupdate für Windows XP (KB952954)
"KB953838-IE7" = Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)
"KB953839" = Sicherheitsupdate für Windows XP (KB953839)
"Knytt_is1" = Knytt 1.0.1
"LastFM_is1" = Last.fm 1.5.1.30182
"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"Mozilla Thunderbird (2.0.0.16)" = Mozilla Thunderbird (2.0.0.16)
"MrRobot_is1" = MrRobot 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSConfig CleanUp_is1" = MSConfig CleanUp 1.2
"MultipleIEs_is1" = MultipleIEs
"MusicBrainz Picard" = MusicBrainz Picard 0.7.2
"MUSTEK 1200 CU PLUS v1.2" = MUSTEK 1200 CU PLUS v1.2
"New Star Soccer 3" = New Star Soccer 3
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"PC-Diagnose-Tool" = TOSHIBA PC-Diagnose-Tool
"Picasa2" = Picasa 2
"Power Saver" = TOSHIBA Power Saver
"Pure Sudoku_is1" = Pure Sudoku 1.11
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.71
"RocketDock_is1" = RocketDock 1.3.5
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"SciTE Source Code Editor_is1" = SciTE 1.57
"SE|PY ActionScript Editor" = SE|PY ActionScript Editor 1.5.3.6
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Soulseek" = SoulSeek Client 156c
"SShockDeinstallKey" = System Shock2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysJewel_is1" = SysJewel 1.1, Build 100
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"tvbrowser" = TV-Browser 2.6
"VLC media player" = VideoLAN VLC media player 0.8.5
"WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
"What's Running_is1" = What's Running 2.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.82.4
"xp-AntiSpy" = xp-AntiSpy 3.95-2
"xplorer2l" = xplorer² lite
========== HKEY_CURRENT_USER Uninstall List ==========
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 19.10.2007 21:06:08 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://ubuntu.interg...esktop-i386.iso failed,
00000084.
Error - 19.10.2007 21:57:49 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://debian.nctu.e...esktop-i386.iso failed,
00000084.
Error - 20.10.2007 18:45:16 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://files.aehunte...ernate-i386.iso failed, 00000084.
Error - 20.10.2007 18:50:15 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://core2.joejaxx...ernate-i386.iso failed, 00000084.
Error - 20.10.2007 21:43:58 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://cdimage.ubunt...ernate-i386.iso failed, 00000084.
Error - 20.10.2007 21:56:03 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://cdimage.ubunt...ernate-i386.iso failed, 00000084.
Error - 08.08.2008 18:12:29 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.cyrillus....20.swf?nologo=1 failed,
0000A413.
Error - 08.08.2008 18:12:29 - Computer Name = SONIASLAPTOP - User Name = User SID not found - Source = avast!