| |
| |||||||
Log-Analyse und Auswertung: Suchanfragen werden umgeleitetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.07.2011, 17:34
| #1 |
| |  Suchanfragen werden umgeleitet Hallo Leute,ich habe seit einiger Zeit folgendes Problem:meine Suchanfragen werden umgeleitet über .Dann kommen Seiten wie redirect .us oder globefinder oder ask finder.ich benutze firefox 5 oder google chrome und auch internet explorer.die haben diese problem alle.es nervt ziemlich wenn ich erst beim dritten oder vierten versuch auf die gewünschte seite komme. ich habe jetzt mit otl gescantt und diese logfiles kamen dabei raus: OTL logfile created on: 02.07.2011 18:12:24 - Run 1 OTL by OldTimer - Version 3.2.25.0 Folder = C:\Dokumente und Einstellungen\edp\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 447,36 Mb Total Physical Memory | 130,39 Mb Available Physical Memory | 29,15% Memory free 1,03 Gb Paging File | 0,57 Gb Available in Paging File | 55,36% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 120,01 Gb Total Space | 90,36 Gb Free Space | 75,29% Space Free | Partition Type: NTFS Drive D: | 29,04 Gb Total Space | 22,92 Gb Free Space | 78,92% Space Free | Partition Type: NTFS Computer Name: EDP-Y9MB58APY2E | User Name: edp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\edp\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avnotify.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\slserv.exe ( ) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\edp\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (UPnPService) -- File not found SRV - (NMIndexingService) -- File not found SRV - (kplduo7y77oz5nzpagscrcbkblb) -- File not found SRV - (JavaQuickStarterService) -- File not found SRV - (avg8wd) -- File not found SRV - (avg8emc) -- File not found SRV - (AppMgmt) -- File not found SRV - (AntiVirScheduler) -- File not found SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) SRV - (lxcy_device) -- C:\WINDOWS\System32\lxcycoms.exe ( ) SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( ) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys () DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (gmer) -- C:\WINDOWS\system32\drivers\gmer.sys (GMER) DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.) DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech, Inc.) DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.) DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.) DRV - (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) -- C:\WINDOWS\system32\drivers\se27unic.sys (MCCI) DRV - (SE27obex) -- C:\WINDOWS\system32\drivers\SE27obex.sys (MCCI) DRV - (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\SE27mgmt.sys (MCCI) DRV - (SE27mdm) -- C:\WINDOWS\system32\drivers\SE27mdm.sys (MCCI) DRV - (SE27mdfl) -- C:\WINDOWS\system32\drivers\SE27mdfl.sys (MCCI) DRV - (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI) DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link) DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( ) DRV - (nvnforce) Service for NVIDIA(R) nForce(TM) -- C:\WINDOWS\system32\drivers\nvapu.sys (NVIDIA Corporation) DRV - (nvax) Service for NVIDIA(R) nForce(TM) -- C:\WINDOWS\system32\drivers\nvax.sys (NVIDIA Corporation) DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( ) DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( ) DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( ) DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software) DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( ) DRV - (NVENET) -- C:\WINDOWS\system32\drivers\NVENET.sys (NVIDIA Corporation) DRV - (nv_agp) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys (NVIDIA Corporation) DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec) DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://vshare.toolbarhome.com/?hp=df IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60076 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Dokumente und Einstellungen\edp\Eigene Dateien\ws.js IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Dokumente und Einstellungen\edp\Eigene Dateien\ws.js IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/home IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.gmx.net/tab2 [binary data] IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vshare.toolbarhome.com/?hp=df IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-1275210071-412668190-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Dokumente und Einstellungen\edp\Eigene Dateien\ws.js ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/?p=us" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Programme\browserrecord [2008.05.11 12:32:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009.09.08 14:03:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.06.19 21:35:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.06.26 11:50:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2011.06.01 09:59:25 | 000,000,000 | ---D | M] [2011.05.06 21:49:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Extensions [2010.09.09 21:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2008.11.19 20:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241} [2010.10.17 13:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org [2011.06.20 13:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Firefox\Profiles\bd01p0kn.default\extensions [2011.06.22 14:12:21 | 000,000,000 | ---D | M] (WiseCleaner Toolbar) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Firefox\Profiles\bd01p0kn.default\extensions\toolbar@ask.com [2011.06.20 13:37:14 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla\Firefox\Profiles\bd01p0kn.default\extensions\wv1muc0c.mdc [2011.06.19 21:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions File not found (No name found) -- [2010.09.25 23:30:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2002.08.29 14:00:00 | 000,000,795 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found. O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found. O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found. O2 - BHO: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No CLSID value found. O2 - BHO: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found. O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found. O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. O3 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O15 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\..Trusted Domains: internet ([]about in Internet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://www.laplink.com/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209068715890 (WUWebControl Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209068703984 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.04.06 15:06:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\C  - File not foundO34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-1275210071-412668190-725345543-1004\...exe [@ = exefile] -- Reg Error: Key error. File not found NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java ActiveX: {09D80335-9BBF-48EB-9576-8B6928C251A2} - GMX Update ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe" ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.0 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {412EF925-3539-44AE-B9EC-F79D4E8DBE54} - GMX Browser Add-on ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! Search Setting Update ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.VP60 - vp6vfw.dll File not found Drivers32: vidc.VP61 - vp6vfw.dll File not found Drivers32: vidc.VP62 - vp6vfw.dll File not found Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation) Drivers32: VIDC.XVID - xvidvfw.dll File not found Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.07.02 18:06:55 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\edp\Desktop\OTL.exe [2011.07.01 16:34:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\edp\Recent [2011.07.01 09:12:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011.07.01 08:59:07 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2011.06.26 21:36:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\Downloads [2011.06.23 15:47:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DivX Plus [2011.06.23 15:47:52 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2011.06.23 15:47:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared [2011.06.23 15:45:54 | 000,917,856 | ---- | C] (DivX, LLC) -- C:\Dokumente und Einstellungen\edp\Desktop\DivXVODPlayer.exe [2011.06.22 21:14:26 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx [2011.06.22 21:14:26 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll [2011.06.22 21:14:26 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll [2011.06.22 21:14:25 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF32.DLL [2011.06.22 21:14:25 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF16.DLL [2011.06.22 21:14:24 | 000,000,000 | ---D | C] -- C:\Programme\WinUtilities [2011.06.20 13:37:28 | 000,000,000 | ---D | C] -- C:\Programme\DVD Shrink DE [2011.06.20 13:35:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\NeroVision [2011.06.19 21:46:55 | 000,000,000 | ---D | C] -- C:\Programme\SmartPCTools [2011.06.19 21:42:18 | 000,000,000 | ---D | C] -- C:\Programme\Wise Disk Cleaner [2011.06.19 21:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\AskToolbar [2011.06.19 21:34:11 | 000,000,000 | ---D | C] -- C:\Programme\Wise Registry Cleaner [2011.06.17 21:29:40 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011.06.16 20:46:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2011.06.16 20:46:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2011.06.16 20:46:10 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011.06.16 20:46:10 | 000,066,616 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011.06.16 20:46:10 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2011.06.16 20:46:10 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2011.06.12 17:41:03 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2011.06.06 20:21:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\JULI 2011 [2008.09.20 18:41:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\pcouffin.sys [2008.04.06 17:23:19 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll [2008.04.06 17:23:19 | 000,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll [2008.04.06 17:21:37 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll [2008.04.06 17:21:37 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll [2008.04.06 17:21:37 | 000,536,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll [2008.04.06 17:21:37 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyih.exe [2008.04.06 17:21:37 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll [2008.04.06 17:21:37 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll [2008.04.06 17:21:36 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll [2008.04.06 17:21:36 | 000,610,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll [2008.04.06 17:21:36 | 000,495,616 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycoms.exe [2008.04.06 17:21:36 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll [2008.04.06 17:21:36 | 000,385,024 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycfg.exe [2008.04.06 15:17:03 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys [2003.08.20 17:34:50 | 000,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys [2003.07.16 12:30:26 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2003.07.02 17:40:08 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe [2003.07.02 16:26:36 | 001,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2003.07.02 16:24:36 | 000,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys [2003.07.02 15:57:10 | 000,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.07.02 18:06:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\edp\Desktop\OTL.exe [2011.07.02 17:48:57 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011.07.02 17:48:57 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011.07.02 17:46:27 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011.07.02 17:43:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.07.02 17:43:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.07.01 16:34:03 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.FRE [2011.07.01 16:02:45 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.07.01 12:18:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.07.01 12:03:43 | 000,532,062 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.07.01 12:03:43 | 000,506,148 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.07.01 12:03:43 | 000,107,262 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.07.01 12:03:43 | 000,089,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.06.29 18:30:42 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\Microsoft Word.lnk [2011.06.23 18:28:48 | 001,011,378 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\Samsung Home.divx [2011.06.23 16:13:07 | 000,001,484 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\DivX Movies.lnk [2011.06.23 15:48:27 | 000,000,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk [2011.06.23 15:45:59 | 000,917,856 | ---- | M] (DivX, LLC) -- C:\Dokumente und Einstellungen\edp\Desktop\DivXVODPlayer.exe [2011.06.22 21:14:36 | 000,000,629 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinUtilities.lnk [2011.06.21 21:22:54 | 000,443,900 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 6 Min Schmid.pdf [2011.06.20 22:29:42 | 000,488,213 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 8 Min Schmid II.pdf [2011.06.20 13:18:21 | 000,505,893 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 8 Min Schmid.pdf [2011.06.19 21:42:22 | 000,001,648 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\Wise Disk Cleaner Free.lnk [2011.06.19 21:42:22 | 000,001,634 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\Clean disk with 1 click.lnk [2011.06.19 21:35:51 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2011.06.19 21:34:19 | 000,001,684 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk [2011.06.19 21:34:18 | 000,000,806 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk [2011.06.17 21:29:40 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011.06.16 20:46:42 | 000,001,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk [2011.06.12 17:29:08 | 000,002,953 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011.06.05 14:01:20 | 000,000,723 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Desktop\Verknüpfung mit iexplore.lnk [2011.06.04 18:55:42 | 000,106,496 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.07.01 08:57:50 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011.06.23 18:28:31 | 001,011,378 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Desktop\Samsung Home.divx [2011.06.23 15:48:57 | 000,001,484 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Desktop\DivX Movies.lnk [2011.06.23 15:48:27 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk [2011.06.22 21:14:46 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.FRE [2011.06.22 21:14:35 | 000,000,629 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinUtilities.lnk [2011.06.22 21:14:25 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf [2011.06.21 21:22:54 | 000,443,900 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 6 Min Schmid.pdf [2011.06.20 22:29:42 | 000,488,213 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 8 Min Schmid II.pdf [2011.06.20 13:18:21 | 000,505,893 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Eigene Dateien\AUDI A 8 Min Schmid.pdf [2011.06.19 21:42:22 | 000,001,648 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Desktop\Wise Disk Cleaner Free.lnk [2011.06.19 21:42:22 | 000,001,634 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Desktop\Clean disk with 1 click.lnk [2011.06.19 21:34:19 | 000,001,684 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk [2011.06.19 21:34:17 | 000,000,806 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk [2011.06.16 20:46:42 | 000,001,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk [2011.06.05 14:01:20 | 000,000,723 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Desktop\Verknüpfung mit iexplore.lnk [2011.04.14 11:32:27 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19521332r [2011.04.14 11:32:26 | 000,000,096 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19521332 [2011.04.14 11:30:35 | 000,000,400 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\19521332 [2011.02.21 17:48:36 | 000,001,204 | ---- | C] () -- C:\WINDOWS\DISNEY.INI [2011.02.13 19:13:44 | 000,019,533 | ---- | C] () -- C:\WINDOWS\hpqins13.dat [2011.01.30 22:31:22 | 000,019,456 | -H-- | C] () -- C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [2011.01.30 22:10:51 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll [2011.01.30 22:10:50 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll [2011.01.30 22:10:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010.12.14 00:17:18 | 002,376,472 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1275210071-412668190-725345543-1004-0.dat [2010.12.14 00:17:10 | 000,335,722 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2010.12.05 16:41:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010.12.05 16:41:12 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010.12.05 16:40:55 | 000,002,528 | -H-- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\$_hpcst$.hpc [2010.11.28 20:00:20 | 000,000,232 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\trueburner.ini [2010.01.05 18:38:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI [2009.12.20 00:11:38 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI [2009.12.18 08:57:56 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2009.12.18 08:57:13 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009.11.18 19:29:28 | 000,000,171 | -H-- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Archery 3D Settings [2009.09.08 13:54:26 | 000,188,616 | ---- | C] () -- C:\WINDOWS\hpoins28.dat [2009.09.08 13:54:26 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat [2009.08.02 12:56:57 | 000,000,168 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\burnaware.ini [2009.07.05 21:28:03 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [2009.07.04 23:01:32 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.03.02 11:33:32 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009.01.30 22:29:30 | 000,015,312 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat [2009.01.02 14:49:09 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2008.12.20 19:42:13 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini [2008.12.20 19:42:08 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll [2008.12.20 19:42:07 | 000,757,760 | R--- | C] () -- C:\WINDOWS\gmer.exe [2008.11.11 22:18:33 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Poolemup.ini [2008.11.10 21:58:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\Dartemup.ini [2008.11.01 14:22:01 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI [2008.10.24 21:15:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt [2008.10.24 21:05:53 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008.10.21 17:33:52 | 001,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll [2008.10.21 17:33:52 | 000,328,978 | ---- | C] () -- C:\WINDOWS\System32\dvda.exe [2008.10.21 17:33:52 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll [2008.10.21 17:33:21 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll [2008.10.18 20:54:45 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe [2008.10.18 20:54:45 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe [2008.10.18 20:54:45 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2008.10.18 20:54:44 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe [2008.10.18 20:54:44 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe [2008.10.09 17:03:57 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008.10.06 21:27:02 | 000,000,102 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008.10.05 12:55:17 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Aurora MPEG To DVD.INI [2008.09.21 11:19:20 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini [2008.09.21 11:18:47 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI [2008.09.20 18:41:25 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\inst.exe [2008.09.20 18:41:25 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\pcouffin.cat [2008.09.20 18:41:25 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\pcouffin.inf [2008.08.30 23:18:31 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2008.08.30 17:17:10 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SecurityBrowser.exe [2008.08.30 17:17:09 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\bindll.dll [2008.07.22 22:59:13 | 000,000,165 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib [2008.07.12 23:34:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.05.15 16:38:51 | 000,106,496 | ---- | C] () -- C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.04.25 13:31:58 | 000,002,710 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008.04.25 11:13:10 | 000,004,176 | ---- | C] () -- C:\WINDOWS\mozver.dat [2008.04.24 22:18:57 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2008.04.06 17:26:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008.04.06 17:23:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll [2008.04.06 17:23:18 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll [2008.04.06 17:23:08 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll [2008.04.06 17:23:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll [2008.04.06 17:23:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll [2008.04.06 17:21:38 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll [2008.04.06 16:30:21 | 000,008,192 | ---- | C] () -- C:\WINDOWS\suecmdial.dll [2008.04.06 15:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008.04.06 15:17:03 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll [2008.04.06 15:17:03 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\slmh.exe [2008.04.06 15:17:03 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\minirec.exe [2008.04.06 15:17:03 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll [2008.04.06 15:17:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll [2008.04.06 15:17:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SmCfg.exe [2008.04.06 15:15:36 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008.04.06 15:15:36 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008.04.06 15:15:36 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008.04.06 15:15:35 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008.04.06 15:08:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008.04.06 15:04:11 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007.08.16 06:23:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\gpyapi.dll [2006.10.22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006.10.22 12:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2006.10.22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006.10.22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006.10.22 12:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2006.10.22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006.10.22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006.09.13 13:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll [2005.03.04 14:10:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe [2005.03.01 15:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2004.11.29 17:43:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe [2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2003.07.02 18:05:46 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll [2003.07.02 18:04:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll [2003.07.02 17:35:48 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll [2003.07.02 17:03:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe [2002.08.29 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002.08.29 14:00:00 | 000,532,062 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2002.08.29 14:00:00 | 000,506,148 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002.08.29 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002.08.29 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2002.08.29 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002.08.29 14:00:00 | 000,107,262 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2002.08.29 14:00:00 | 000,089,118 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002.08.29 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002.08.29 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2002.08.29 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002.08.29 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002.08.29 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002.05.16 02:38:40 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2002.05.04 16:19:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\avisynthEx.dll [2001.09.04 11:05:32 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.09.04 11:04:04 | 000,004,678 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001.01.06 16:21:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2001.01.06 16:20:05 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.09.24 23:13:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Adobe [2008.10.20 17:17:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Ahead [2010.09.06 22:03:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\aMule [2010.07.17 22:02:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Any DVD Cloner [2009.08.09 12:58:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Any Video Converter [2011.03.31 19:28:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Apple Computer [2008.11.20 13:46:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Ashampoo [2010.04.02 11:48:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Avira [2008.12.07 14:08:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Azureus [2009.07.20 09:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\BinarySense [2011.02.06 00:54:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\concept design [2008.10.24 21:18:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\ConvertTemp [2011.06.19 22:20:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Cuki [2009.12.20 00:02:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DataCast [2008.08.31 00:02:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DeepBurner [2009.11.07 19:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Desktopicon [2010.05.04 22:44:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DivX [2008.11.01 23:53:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DNA [2010.07.17 22:02:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\dvdcss [2011.04.02 21:42:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DVDVideoSoft [2010.12.13 23:46:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\DVDVideoSoftIEHelpers [2008.09.17 07:21:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\FaxCtr [2009.07.25 19:15:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\FinalBurner Video DVD [2010.10.29 07:33:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\FinalMediaPlayer [2009.10.18 15:46:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\FreeFLVConverter [2011.01.22 08:08:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\GetRightToGo [2009.01.25 13:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Google [2009.02.01 23:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\GrabPro [2010.12.13 23:22:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Gutscheinmieze [2009.09.04 14:49:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Help [2009.09.08 14:08:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\HP [2010.05.09 15:55:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\HPAppData [2009.09.24 15:55:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\HpUpdate [2008.04.06 15:11:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Identities [2009.09.19 13:57:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\iMeshMediabarTb [2010.04.20 19:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\InstallShield [2009.03.08 22:00:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\KONZ [2009.07.29 22:11:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Leawo [2009.06.21 15:31:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Logitech [2010.09.24 23:13:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Macromedia [2011.01.24 22:25:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\MAGIX [2009.04.19 17:58:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Malwarebytes [2009.02.09 15:57:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Media Player Classic [2010.10.29 18:55:26 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft [2009.07.24 21:50:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Moyea [2010.11.13 18:43:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Mozilla [2010.10.30 20:48:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\MozillaControl [2008.10.20 17:21:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\NeroVision [2008.07.21 09:27:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Nokia [2009.09.23 20:26:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\OpenOffice.org [2008.09.01 22:42:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\OpenOffice.org2 [2011.06.01 09:55:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Opera [2009.02.01 23:26:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Orbit [2008.11.19 20:22:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Participatory Culture Foundation [2008.07.21 09:27:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\PC Suite [2008.12.30 00:15:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\PCF-VLC [2009.10.10 21:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\PPLiveVA [2011.07.02 17:55:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\PriceGong [2008.11.30 18:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\RapidSolution [2009.08.04 21:36:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Real [2010.07.17 23:21:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\RipIt4Me [2010.12.28 14:57:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Samsung [2008.09.20 21:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Smart PC Solutions [2008.12.17 21:32:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Snapfish [2008.11.21 11:03:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\streamripper [2008.05.04 21:55:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Sun [2010.03.20 00:07:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Temporary [2009.11.01 12:07:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\thecleaner [2010.09.09 21:32:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Thunderbird [2009.10.11 12:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\tor [2008.10.24 21:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\TransRender [2008.05.04 15:40:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\TVU Networks [2010.11.24 22:44:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Uniblue [2010.09.06 19:55:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\UseNeXT [2010.11.28 19:09:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Vso [2008.04.27 18:45:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\WinPatrol [2009.06.24 14:08:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Yahoo! < %APPDATA%\*.exe /s > [2010.11.28 19:09:10 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\inst.exe [2010.06.10 15:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Gutscheinmieze\uninstall.exe [2009.07.15 13:07:43 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe [2009.07.15 13:07:43 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe [2009.07.15 13:07:43 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe [2009.07.15 13:07:43 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe [2011.01.24 23:58:56 | 000,003,584 | R--- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe [2010.10.28 11:53:19 | 000,643,072 | ---- | M] () -- C:\Dokumente und Einstellungen\edp\Anwendungsdaten\RipIt4Me\updater\ri4mupdater.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2011.02.13 13:11:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2011.02.13 13:11:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 21:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys [2008.04.13 21:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2002.08.29 14:00:00 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2011.02.13 13:11:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2011.02.13 13:11:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 21:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys [2008.04.13 21:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\explorer.exe < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\SoftwareDistribution\Download\c73c85abcd9580c46805ff94bb133fb8\sp2qfe\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USER32.DLL > [2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll [2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2002.08.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2002.08.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2010.11.28 20:07:30 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2001.01.06 17:19:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2001.01.06 17:19:05 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2001.01.06 17:19:05 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 72 bytes -> C:\WINDOWS:C54711DDC0E88FB4 @Alternate Data Stream - 125 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:2BE9FEFC @Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:264B2CC4 @Alternate Data Stream - 118 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:ECF54A0E @Alternate Data Stream - 108 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9 < End of report > Und dies noch: OTL Extras logfile created on: 02.07.2011 18:12:24 - Run 1 OTL by OldTimer - Version 3.2.25.0 Folder = C:\Dokumente und Einstellungen\edp\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 447,36 Mb Total Physical Memory | 130,39 Mb Available Physical Memory | 29,15% Memory free 1,03 Gb Paging File | 0,57 Gb Available in Paging File | 55,36% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 120,01 Gb Total Space | 90,36 Gb Free Space | 75,29% Space Free | Partition Type: NTFS Drive D: | 29,04 Gb Total Space | 22,92 Gb Free Space | 78,92% Space Free | Partition Type: NTFS Computer Name: EDP-Y9MB58APY2E | User Name: edp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet  isabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet isabled:@xpsp2res.dll,-22008"1988:TCP" = 1988:TCP:*:Enabled:Akamai NetSession Interface "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqpse.exe" = C:\Programme\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqpse.exe" = C:\Programme\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Programme\GameTop.com\Extreme Racers\Extreme Racers.exe" = C:\Programme\GameTop.com\Extreme Racers\Extreme Racers.exe:*:Enabled:Cipher Game Engine "C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player "C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe" = C:\Dokumente und Einstellungen\edp\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software "{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4220_ProductContext "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90840407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003 "{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002 "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{943C384A-AD26-4D34-8319-A90033C09395}" = Myson Century USB Driver for Windows 98&ME "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200 "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1 + KB928366 "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026) "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4210_Help "{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 10.21 Free Edition "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Defraggler" = Defraggler "DivX Setup.divx.com" = DivX-Setup "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "Free Studio_is1" = Free Studio version 5.0.8 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.5 (Full) "M928366" = "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 SP1 + KB928366 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de) "Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24) "Nero - Burning Rom!UninstallKey" = Ahead Nero OEM "NeroVision!UninstallKey" = Ahead NeroVision Express "NVIDIA Drivers" = NVIDIA Drivers "SLAMRMO" = Smart Link 56K Modem "SystemRequirementsLab" = System Requirements Lab "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Wise Disk Cleaner_is1" = Wise Disk Cleaner 5.93 "Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.4 "Works2003Setup" = Microsoft Works 2003-Setup-Start "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1275210071-412668190-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12.02.2011 09:56:38 | Computer Name = EDP-Y9MB58APY2E | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 13.02.2011 05:52:39 | Computer Name = EDP-Y9MB58APY2E | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3989, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x0000100b. Error - 13.02.2011 13:30:31 | Computer Name = EDP-Y9MB58APY2E | Source = MsiInstaller | ID = 11719 Description = Product: HPPhotoSmartDiscLabelContent1 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance. Error - 13.02.2011 15:12:05 | Computer Name = EDP-Y9MB58APY2E | Source = ESENT | ID = 490 Description = svchost (920) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. [ System Events ] Error - 01.07.2011 02:59:30 | Computer Name = EDP-Y9MB58APY2E | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 1.1 SP1 unter Windows XP, Windows Vista und Windows Server 2008 x86 (KB2416447) Error - 01.07.2011 05:17:18 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 01.07.2011 05:19:13 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7022 Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß gestartet. Error - 01.07.2011 05:38:07 | Computer Name = EDP-Y9MB58APY2E | Source = NtServicePack | ID = 921877 Description = Die Windows XP KB2393802-Installation ist fehlgeschlagen. Ein interner Fehler ist aufgetreten. Error - 01.07.2011 05:38:07 | Computer Name = EDP-Y9MB58APY2E | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007054f fehlgeschlagen: Sicherheitsupdate für Windows XP (KB2393802) Error - 01.07.2011 05:40:38 | Computer Name = EDP-Y9MB58APY2E | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 1.1 SP1 unter Windows XP, Windows Vista und Windows Server 2008 x86 (KB2416447) Error - 01.07.2011 10:03:54 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 01.07.2011 10:05:11 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7022 Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß gestartet. Error - 02.07.2011 11:44:17 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 02.07.2011 11:45:57 | Computer Name = EDP-Y9MB58APY2E | Source = Service Control Manager | ID = 7022 Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß gestartet. < End of report > Ich würde mich freuen wenn mir einer von euch helfen könnte,das wäre klasse. Ciao  |
Baum-Darstellung