Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 26.05.2014, 12:31   #1
Plini
 
Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Standard

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart



Habe/hatte den Virus mit der netten Seite der LPD und Heinzi Fischer...

Ich habe mit OTLPE einen Scan gezogen:
Code:
ATTFilter
OTL logfile created on: 5/26/2014 1:00:56 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 136.73 Gb Total Space | 77.55 Gb Free Space | 56.72% Space Free | Partition Type: NTFS
Drive D: | 34.25 Gb Total Space | 0.39 Gb Free Space | 1.13% Space Free | Partition Type: NTFS
Drive E: | 978.07 Mb Total Space | 733.52 Mb Free Space | 75.00% Space Free | Partition Type: FAT32
Drive F: | 1397.26 Gb Total Space | 26.76 Gb Free Space | 1.92% Space Free | Partition Type: NTFS
Drive G: | 2.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2014/05/26 03:19:29 | 000,157,696 | ---- | M] () [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\72708163A29C273D7EF0E798417733CC\hclg9dol.cpp -- (winmgmt)
SRV - [2014/05/13 08:15:28 | 000,292,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/01/09 01:17:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013/08/09 01:45:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/22 07:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/06/24 12:30:55 | 003,442,640 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/03/02 12:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto] -- C:\Programme\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 12:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand] -- C:\Programme\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011/08/05 06:14:10 | 006,495,504 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2011/08/05 06:13:14 | 000,809,192 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/07/22 08:26:40 | 000,690,472 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 08:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2005/05/10 21:09:54 | 000,225,280 | ---- | M] (O&O Software GmbH) [Auto] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2004/10/21 22:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | On_Demand] --  -- (Pcouffin)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2014/05/13 08:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/05/13 08:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/05/13 08:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/01/06 21:48:42 | 000,012,288 | ---- | M] () [Kernel | On_Demand] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2012/06/24 12:31:01 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2012/06/24 12:30:42 | 000,766,208 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2012/06/24 12:30:37 | 000,609,760 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2012/06/24 12:30:17 | 000,126,112 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vididr.sys -- (vididr)
DRV - [2012/06/24 12:30:13 | 000,084,512 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vsflt58.sys -- (vidsflt58) Acronis Disk Storage Filter (58)
DRV - [2012/06/24 12:30:08 | 000,170,496 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2012/06/24 12:30:03 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2012/06/22 05:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012/05/01 19:35:17 | 000,121,208 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2011/07/13 07:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 07:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2011/05/18 01:49:32 | 000,054,784 | ---- | M] (GenesysLogic) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GeneStor.sys -- (GeneStor)
DRV - [2011/05/06 06:42:22 | 000,086,912 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AssmannUDSMBus.sys -- (AssmannUDSMBus)
DRV - [2011/05/06 06:37:08 | 000,139,648 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AssmannUDSTcpBus.sys -- (AssmannUDSTcpBus)
DRV - [2010/07/28 18:25:42 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/04/28 02:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/12 03:23:10 | 003,489,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 14:45:33 | 000,011,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2007/12/12 08:11:08 | 000,012,288 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2007/12/10 18:53:34 | 000,554,240 | ---- | M] (DiBcom SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700)
DRV - [2007/11/09 04:07:34 | 000,013,824 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC)
DRV - [2006/09/20 12:38:26 | 000,207,152 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\Si3124r5.sys -- (Si3124r5)
DRV - [2006/08/28 20:10:06 | 000,158,208 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/07/13 13:42:42 | 000,017,328 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2005/07/07 04:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005/01/10 06:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 06:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/02/03 10:17:46 | 000,100,881 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SI3124r.sys -- (SI3124r)
DRV - [2003/05/23 07:49:20 | 000,037,760 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (symmpi)
DRV - [2002/04/02 10:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cvspydr2.sys -- (cvspydr2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Programme\Gemeinsame Dateien\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/04/10 02:25:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Programme\MSN Toolbar\Platform\5.0.1449.0\Firefox [2013/07/24 17:04:15 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/06/25 16:58:12 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	activate.adobe.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Programme\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] C:\Programme\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FRYMXINS] C:\Programme\ATI Technologies\Fire GL 3D Studio Max\atiimxgl.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [HP Designjet Z3100 Photo Series] C:\Programme\HP Designjet Z3100 Photo Series\Setup.exe ()
O4 - HKLM..\Run: [KCodes UDS Control Center] C:\Programme\Assmann\USB Device Server\Control Center.exe ()
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [KnexStarter] C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NBAgent] C:\Programme\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PDUiP6700DMon] C:\Programme\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe (CANON INC.)
O4 - HKLM..\Run: [PUStarter] C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [RegistryMechanic]  File not found
O4 - HKLM..\Run: [RunPUTasktray]  File not found
O4 - HKLM..\Run: [RunTasktray]  File not found
O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Programme\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [AmazonMP3DownloaderHelper] C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKU\Harald_Sahling_ON_C..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [HP Officejet Pro 8600 (NET)] C:\Programme\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (AMD)
O4 - HKU\Harald_Sahling_ON_C..\Run: [uTorrent] C:\Programme\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Spyder3Utility.lnk = C:\Programme\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\PMCRemoteLauncher.lnk = C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Pinnacle\TVC\Tools\PMCRemoteCtrl.exe (Pinnacle Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Harald_Sahling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Harald_Sahling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab (IASRunner Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176666679466 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274738872446 (MUWebControl Class)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\HPDCS {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppfile {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppsam {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\HPPUDCS {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppufile {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppusam {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppuzip {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppzip {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/15 13:51:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/01/18 17:01:26 | 000,000,235 | ---- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2007/01/30 09:01:30 | 000,000,143 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell - "" = AutoRun
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SanDisk-Games.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\TVCenterPro.exe -- [2007/02/13 05:57:54 | 000,760,904 | R--- | M] (Pinnacle Systems)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/26 03:48:33 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014/05/26 03:19:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
[2014/05/16 02:10:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Steidl
[2014/05/13 21:03:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2007/11/22 15:25:40 | 000,017,376 | ---- | C] (         ) -- C:\WINDOWS\System32\drivers\GT680X.SYS
[2001/09/19 08:32:26 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/26 05:31:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2014/05/26 05:25:39 | 000,001,065 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\Dropbox.lnk
[2014/05/26 05:24:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/05/26 05:22:12 | 000,001,075 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Dropbox.lnk
[2014/05/26 05:12:34 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/05/26 05:10:46 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/05/26 05:10:44 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
[2014/05/26 05:10:43 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\ROC_PAID_JAN2013_TB_rmv.job
[2014/05/26 05:10:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/26 05:10:12 | 000,148,992 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2014/05/26 04:10:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/05/26 04:08:57 | 000,001,971 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\SpyHunter.lnk
[2014/05/26 03:29:20 | 000,000,341 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\TVCenter Pro.lnk
[2014/05/26 03:19:30 | 000,000,818 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
[2014/05/25 20:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-INTELLISTATION1-Harald Sahling.job
[2014/05/25 14:40:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014/05/25 13:06:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2014/05/25 08:00:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2014/05/21 03:37:55 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2014.lnk
[2014/05/21 03:37:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG Eigenständige Version von Link Scanner
[2014/05/13 08:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/05/13 08:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/05/13 08:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/05/11 09:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/04/30 04:13:01 | 006,022,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/26 03:29:17 | 000,000,341 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\TVCenter Pro.lnk
[2014/05/26 03:19:30 | 000,000,818 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
[2014/04/14 17:47:04 | 000,014,232 | ---- | C] () -- C:\WINDOWS\System32\sh4native.exe
[2014/04/14 08:38:39 | 000,010,498 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lpm.dat
[2014/02/22 16:04:19 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Adobe Save for Web 12.0 Prefs
[2014/02/09 07:40:02 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Adobe PNG Format CS5 Prefs
[2013/09/21 06:05:14 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\zprib.ini
[2013/04/18 16:01:04 | 000,266,643 | ---- | C] () -- C:\WINDOWS\hpwins22.dat.temp
[2013/02/21 05:04:38 | 002,302,976 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\backup.pst
[2013/02/03 05:20:06 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Adobe BMP Format CS5 Prefs
[2012/12/12 22:26:50 | 002,821,083 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1547161642-602162358-725345543-1003-0.dat
[2012/12/08 07:37:15 | 000,414,914 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/11/13 14:04:13 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ament.ini
[2012/10/31 03:53:27 | 000,000,741 | ---- | C] () -- C:\WINDOWS\XMLEditor4.INI
[2012/09/03 02:22:34 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ustor.dll
[2012/09/03 02:22:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\UMonit.exe
[2012/09/03 02:22:05 | 000,172,097 | ---- | C] () -- C:\WINDOWS\System32\NoMSGuninstall.exe
[2012/09/03 02:22:05 | 000,000,807 | ---- | C] () -- C:\WINDOWS\System32\ProductName.ini
[2012/09/03 02:22:04 | 000,001,519 | ---- | C] () -- C:\WINDOWS\System32\_IconCfg0.ini
[2012/09/03 02:22:04 | 000,000,187 | ---- | C] () -- C:\WINDOWS\System32\IconCfg0.ini
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\EsgScanner.sys
[2012/05/09 17:22:28 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/05/09 17:22:22 | 000,025,804 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/05/09 17:22:21 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/01/26 16:54:37 | 000,005,120 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/26 16:54:37 | 000,001,324 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[2011/05/16 17:01:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/03/24 02:23:57 | 000,023,671 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2009/12/26 12:31:15 | 015,376,384 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\s-1-5-21-1547161642-602162358-725345543-1003.rrr
[2009/12/26 12:31:14 | 000,241,664 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\s-1-5-19.rrr
[2009/12/26 12:31:14 | 000,233,472 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\s-1-5-20.rrr
[2009/12/26 11:44:46 | 000,078,195 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/09/12 19:15:20 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\m4atag.dll
[2009/09/12 14:19:40 | 000,000,078 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\rpdeluxe.properties
[2009/08/03 09:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 09:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/14 17:50:18 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/07/02 16:46:02 | 000,002,850 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat.temp
[2009/02/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/12/10 17:29:14 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/12/10 17:29:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/11/24 02:26:00 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2008/10/20 16:54:32 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2008/05/26 17:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 17:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 17:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 16:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 16:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/23 07:40:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/03/19 10:26:52 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys
[2007/11/29 05:17:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\PenPowerTS863.INI
[2007/11/22 15:26:17 | 000,708,608 | ---- | C] () -- C:\WINDOWS\SnapShow.exe
[2007/11/22 15:26:17 | 000,360,769 | ---- | C] () -- C:\WINDOWS\System32\drivers\Capt930b.sys
[2007/11/22 15:26:17 | 000,151,552 | ---- | C] () -- C:\WINDOWS\SnapTrap.exe
[2007/11/22 15:26:17 | 000,025,340 | ---- | C] () -- C:\WINDOWS\System32\drivers\Camd930b.sys
[2007/11/22 15:26:17 | 000,015,365 | ---- | C] () -- C:\WINDOWS\930TwCfg.INI
[2007/11/22 15:26:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\AutoSet.dll
[2007/11/22 15:25:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AutoSet.dll
[2007/10/28 17:45:11 | 000,000,756 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2007/07/29 08:10:08 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/06/22 18:10:54 | 000,000,125 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2007/06/19 18:51:00 | 000,000,163 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007/06/19 18:48:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\hpdjz3100.ini
[2007/06/19 18:45:11 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hplj5200m.ini
[2007/05/20 04:54:49 | 000,059,904 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/19 15:09:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/05/05 13:02:42 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/05/05 10:31:09 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2007/05/05 10:31:09 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/05/02 20:17:53 | 000,000,074 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2007/05/01 18:14:19 | 000,000,230 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/01 16:47:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/04/16 18:30:10 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLea.DAT
[2007/04/16 03:34:35 | 000,242,688 | ---- | C] () -- C:\WINDOWS\System32\ISP2003.dll
[2007/04/16 03:22:26 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/15 21:37:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/04/15 14:35:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/04/15 14:34:04 | 003,695,568 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/04/15 13:54:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/04/15 13:48:16 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/03/26 09:14:54 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\HPDevEnm.dll
[2007/02/16 18:48:38 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2006/11/24 12:09:58 | 000,180,720 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/03 07:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 06:48:18 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,596,696 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/23 08:00:00 | 000,542,976 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,127,792 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/23 08:00:00 | 000,097,500 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/06 10:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997/06/14 04:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2012/10/30 13:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Samsung
[2009/03/05 20:33:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\.BitTornado
[2007/04/16 19:11:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\ACD Systems
[2012/06/24 12:32:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Acronis
[2013/06/20 02:18:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Amazon
[2009/12/05 13:04:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AnvSoft
[2009/07/29 04:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Any Video Converter Professional
[2012/10/11 15:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AskToolbar
[2013/09/26 10:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AVG2014
[2010/04/14 21:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AVG9
[2007/05/17 08:33:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\CD-LabelPrint
[2014/01/06 10:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\chc
[2014/01/06 10:09:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/18 17:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\DDMSettings
[2014/05/26 05:25:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox
[2014/05/26 05:25:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\DropboxMaster
[2013/11/05 18:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\dRS4photo
[2010/11/14 09:31:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\dRS4photo.CC441639FAB643879327A3CEA2D410C2594D7DBE.1
[2014/05/18 12:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\FileZilla
[2012/11/07 05:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Jablotron
[2012/06/24 11:26:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\netdesigner
[2007/04/16 18:46:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Nikon
[2007/09/23 10:08:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Opera
[2012/10/30 13:16:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Samsung
[2007/06/23 21:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\SlySoft
[2013/07/24 09:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\TeamViewer
[2014/05/26 05:16:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\uTorrent
[2010/11/12 16:43:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Windows Desktop Search
[2011/03/06 08:44:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Windows Search
[2014/05/26 03:19:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
[2013/10/31 01:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems
[2013/09/08 03:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2008/01/18 05:17:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avery
[2013/09/26 10:23:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
[2012/05/08 17:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg9
[2007/05/01 16:46:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/03/15 03:48:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2007/11/22 15:31:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverInfo
[2007/08/05 12:32:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2007/04/16 18:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp
[2011/01/29 18:26:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2008/07/10 15:27:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2014/05/26 03:32:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2009/02/04 13:53:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nikon
[2007/12/30 07:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase One
[2008/05/23 07:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2012/08/20 14:28:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2007/06/22 18:11:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2009/12/12 15:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2007/04/16 18:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15
[2008/11/24 02:25:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2014/05/26 04:10:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2014/05/25 14:40:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2014/05/25 13:06:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2014/05/25 08:00:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2014/05/26 05:10:46 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/05/11 09:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/05/26 05:10:44 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
[2014/05/26 05:10:43 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job
[2014/05/26 05:31:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 48 bytes -> C:\WINDOWS:485C605C8F59BA9C
@Alternate Data Stream - 171 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
< End of report >
         
und dann versucht in Analogie die schadhaften Dateien zu verschieben
Teil 1
Code:
ATTFilter
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winmgmt deleted successfully.
C:\DOKUME~1\ALLUSE~1\ANWEND~1\72708163A29C273D7EF0E798417733CC\hclg9dol.cpp moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gast.INTELLISTATION1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Harald Sahling
->Temp folder emptied: 2868348 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 46937 bytes
 
Total Files Cleaned = 3.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05262014_150929
         
Teil 2
Code:
ATTFilter
========== OTL ==========
File move failed. C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk scheduled to be moved on reboot.
File move failed. X:\I386\SYSTEM32\RUNDLL32.EXE scheduled to be moved on reboot.
========== COMMANDS ==========
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05262014_133538

Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk not found!
File\Folder X:\I386\SYSTEM32\RUNDLL32.EXE not found!

Registry entries deleted on Reboot...
         
Teil 3
Code:
ATTFilter
========== OTL ==========
C:\Dokumente und Einstellungen\Harald Sahling\Desktop\TVCenter Pro.lnk moved successfully.
C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes
 
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
 
User: Gast.INTELLISTATION1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
 
User: Harald Sahling
->Temp folder emptied: 68389785 bytes
->Temporary Internet Files folder emptied: 1033119907 bytes
->Java cache emptied: 67777547 bytes
->Flash cache emptied: 83677 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 84613 bytes
 
User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 63663 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1319838 bytes
%systemroot%\System32 .tmp files removed: 721287 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 174303515 bytes
 
Total Files Cleaned = 1,284.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05262014_133017
         
Das ist der aktuelle Scan (nach Anwendung obiger moves)
Code:
ATTFilter
OTL logfile created on: 5/26/2014 3:02:51 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 136.73 Gb Total Space | 78.83 Gb Free Space | 57.65% Space Free | Partition Type: NTFS
Drive D: | 34.25 Gb Total Space | 0.39 Gb Free Space | 1.13% Space Free | Partition Type: NTFS
Drive E: | 978.07 Mb Total Space | 733.52 Mb Free Space | 75.00% Space Free | Partition Type: FAT32
Drive F: | 1397.26 Gb Total Space | 26.76 Gb Free Space | 1.92% Space Free | Partition Type: NTFS
Drive G: | 2.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2014/05/26 03:19:29 | 000,157,696 | ---- | M] () [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\72708163A29C273D7EF0E798417733CC\hclg9dol.cpp -- (winmgmt)
SRV - [2014/05/13 08:15:28 | 000,292,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/01/09 01:17:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013/08/09 01:45:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/22 07:32:59 | 002,849,120 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/06/24 12:30:55 | 003,442,640 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/03/02 12:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto] -- C:\Programme\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 12:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand] -- C:\Programme\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011/08/05 06:14:10 | 006,495,504 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2011/08/05 06:13:14 | 000,809,192 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/07/22 08:26:40 | 000,690,472 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 08:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2005/05/10 21:09:54 | 000,225,280 | ---- | M] (O&O Software GmbH) [Auto] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2004/10/21 22:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | On_Demand] --  -- (Pcouffin)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2014/05/13 08:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/05/13 08:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/05/13 08:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/01/06 21:48:42 | 000,012,288 | ---- | M] () [Kernel | On_Demand] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2012/06/24 12:31:01 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2012/06/24 12:30:42 | 000,766,208 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2012/06/24 12:30:37 | 000,609,760 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2012/06/24 12:30:17 | 000,126,112 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vididr.sys -- (vididr)
DRV - [2012/06/24 12:30:13 | 000,084,512 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vsflt58.sys -- (vidsflt58) Acronis Disk Storage Filter (58)
DRV - [2012/06/24 12:30:08 | 000,170,496 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2012/06/24 12:30:03 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2012/06/22 05:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012/05/01 19:35:17 | 000,121,208 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2011/07/13 07:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 07:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2011/05/18 01:49:32 | 000,054,784 | ---- | M] (GenesysLogic) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GeneStor.sys -- (GeneStor)
DRV - [2011/05/06 06:42:22 | 000,086,912 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AssmannUDSMBus.sys -- (AssmannUDSMBus)
DRV - [2011/05/06 06:37:08 | 000,139,648 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AssmannUDSTcpBus.sys -- (AssmannUDSTcpBus)
DRV - [2010/07/28 18:25:42 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/04/28 02:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/02/12 03:23:10 | 003,489,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 14:45:33 | 000,011,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2007/12/12 08:11:08 | 000,012,288 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2007/12/10 18:53:34 | 000,554,240 | ---- | M] (DiBcom SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700)
DRV - [2007/11/09 04:07:34 | 000,013,824 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC)
DRV - [2006/09/20 12:38:26 | 000,207,152 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\Si3124r5.sys -- (Si3124r5)
DRV - [2006/08/28 20:10:06 | 000,158,208 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/07/13 13:42:42 | 000,017,328 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2005/07/07 04:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005/01/10 06:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 06:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/02/03 10:17:46 | 000,100,881 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SI3124r.sys -- (SI3124r)
DRV - [2003/05/23 07:49:20 | 000,037,760 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (symmpi)
DRV - [2002/04/02 10:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cvspydr2.sys -- (cvspydr2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Harald_Sahling_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Programme\Gemeinsame Dateien\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/04/10 02:25:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Programme\MSN Toolbar\Platform\5.0.1449.0\Firefox [2013/07/24 17:04:15 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/06/25 16:58:12 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	activate.adobe.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Harald_Sahling_ON_C\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Programme\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] C:\Programme\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FRYMXINS] C:\Programme\ATI Technologies\Fire GL 3D Studio Max\atiimxgl.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [HP Designjet Z3100 Photo Series] C:\Programme\HP Designjet Z3100 Photo Series\Setup.exe ()
O4 - HKLM..\Run: [KCodes UDS Control Center] C:\Programme\Assmann\USB Device Server\Control Center.exe ()
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [KnexStarter] C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NBAgent] C:\Programme\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PDUiP6700DMon] C:\Programme\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe (CANON INC.)
O4 - HKLM..\Run: [PUStarter] C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [RegistryMechanic]  File not found
O4 - HKLM..\Run: [RunPUTasktray]  File not found
O4 - HKLM..\Run: [RunTasktray]  File not found
O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Programme\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [AmazonMP3DownloaderHelper] C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKU\Harald_Sahling_ON_C..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [HP Officejet Pro 8600 (NET)] C:\Programme\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\Harald_Sahling_ON_C..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (AMD)
O4 - HKU\Harald_Sahling_ON_C..\Run: [uTorrent] C:\Programme\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Spyder3Utility.lnk = C:\Programme\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\PMCRemoteLauncher.lnk = C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Pinnacle\TVC\Tools\PMCRemoteCtrl.exe (Pinnacle Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Harald_Sahling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Harald_Sahling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab (IASRunner Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176666679466 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274738872446 (MUWebControl Class)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\HPDCS {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppfile {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppsam {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\HPPUDCS {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppufile {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppusam {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppuzip {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\hppzip {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/15 13:51:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/01/18 17:01:26 | 000,000,235 | ---- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2007/01/30 09:01:30 | 000,000,143 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell - "" = AutoRun
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{92de9e13-7bee-11dd-98d0-000d3aa379a4}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SanDisk-Games.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\TVCenterPro.exe -- [2007/02/13 05:57:54 | 000,760,904 | R--- | M] (Pinnacle Systems)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/26 13:35:38 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2014/05/26 13:30:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/26 03:48:33 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014/05/26 03:19:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
[2014/05/16 02:10:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Steidl
[2014/05/13 21:03:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2007/11/22 15:25:40 | 000,017,376 | ---- | C] (         ) -- C:\WINDOWS\System32\drivers\GT680X.SYS
[2001/09/19 08:32:26 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/26 07:51:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2014/05/26 07:47:30 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/05/26 07:45:39 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/05/26 07:45:38 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
[2014/05/26 07:45:37 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\ROC_PAID_JAN2013_TB_rmv.job
[2014/05/26 07:45:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/26 07:45:04 | 000,149,865 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2014/05/26 07:39:31 | 000,000,818 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
[2014/05/26 05:25:39 | 000,001,065 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\Dropbox.lnk
[2014/05/26 05:24:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/05/26 05:22:12 | 000,001,075 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Dropbox.lnk
[2014/05/26 04:10:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/05/26 04:08:57 | 000,001,971 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald Sahling\Desktop\SpyHunter.lnk
[2014/05/25 20:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-INTELLISTATION1-Harald Sahling.job
[2014/05/25 14:40:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014/05/25 13:06:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2014/05/25 08:00:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2014/05/21 03:37:55 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2014.lnk
[2014/05/21 03:37:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG Eigenständige Version von Link Scanner
[2014/05/13 08:17:24 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/05/13 08:17:22 | 000,210,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/05/13 08:17:20 | 000,149,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/05/11 09:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/04/30 04:13:01 | 006,022,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
 
========== Files Created - No Company Name ==========
 
[2014/05/26 07:39:31 | 000,000,818 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
[2014/04/14 17:47:04 | 000,014,232 | ---- | C] () -- C:\WINDOWS\System32\sh4native.exe
[2014/04/14 08:38:39 | 000,010,498 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lpm.dat
[2014/02/22 16:04:19 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Adobe Save for Web 12.0 Prefs
[2014/02/09 07:40:02 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Adobe PNG Format CS5 Prefs
[2013/09/21 06:05:14 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\zprib.ini
[2013/04/18 16:01:04 | 000,266,643 | ---- | C] () -- C:\WINDOWS\hpwins22.dat.temp
[2013/02/21 05:04:38 | 002,302,976 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\backup.pst
[2013/02/03 05:20:06 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Adobe BMP Format CS5 Prefs
[2012/12/12 22:26:50 | 002,821,083 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1547161642-602162358-725345543-1003-0.dat
[2012/12/08 07:37:15 | 000,414,914 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/11/13 14:04:13 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ament.ini
[2012/10/31 03:53:27 | 000,000,741 | ---- | C] () -- C:\WINDOWS\XMLEditor4.INI
[2012/09/03 02:22:34 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ustor.dll
[2012/09/03 02:22:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\UMonit.exe
[2012/09/03 02:22:05 | 000,172,097 | ---- | C] () -- C:\WINDOWS\System32\NoMSGuninstall.exe
[2012/09/03 02:22:05 | 000,000,807 | ---- | C] () -- C:\WINDOWS\System32\ProductName.ini
[2012/09/03 02:22:04 | 000,001,519 | ---- | C] () -- C:\WINDOWS\System32\_IconCfg0.ini
[2012/09/03 02:22:04 | 000,000,187 | ---- | C] () -- C:\WINDOWS\System32\IconCfg0.ini
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\EsgScanner.sys
[2012/05/09 17:22:28 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/05/09 17:22:22 | 000,025,804 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/05/09 17:22:21 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/01/26 16:54:37 | 000,005,120 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/26 16:54:37 | 000,001,324 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[2011/05/16 17:01:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/03/24 02:23:57 | 000,023,671 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2009/12/26 12:31:15 | 015,376,384 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\s-1-5-21-1547161642-602162358-725345543-1003.rrr
[2009/12/26 12:31:14 | 000,241,664 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\s-1-5-19.rrr
[2009/12/26 12:31:14 | 000,233,472 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\s-1-5-20.rrr
[2009/12/26 11:44:46 | 000,078,195 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/09/12 19:15:20 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\m4atag.dll
[2009/09/12 14:19:40 | 000,000,078 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\rpdeluxe.properties
[2009/08/03 09:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 09:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/14 17:50:18 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/07/02 16:46:02 | 000,002,850 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat.temp
[2009/02/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/12/10 17:29:14 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/12/10 17:29:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/11/24 02:26:00 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2008/10/20 16:54:32 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2008/05/26 17:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 17:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 17:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 16:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 16:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/23 07:40:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/03/19 10:26:52 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys
[2007/11/29 05:17:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\PenPowerTS863.INI
[2007/11/22 15:26:17 | 000,708,608 | ---- | C] () -- C:\WINDOWS\SnapShow.exe
[2007/11/22 15:26:17 | 000,360,769 | ---- | C] () -- C:\WINDOWS\System32\drivers\Capt930b.sys
[2007/11/22 15:26:17 | 000,151,552 | ---- | C] () -- C:\WINDOWS\SnapTrap.exe
[2007/11/22 15:26:17 | 000,025,340 | ---- | C] () -- C:\WINDOWS\System32\drivers\Camd930b.sys
[2007/11/22 15:26:17 | 000,015,365 | ---- | C] () -- C:\WINDOWS\930TwCfg.INI
[2007/11/22 15:26:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\AutoSet.dll
[2007/11/22 15:25:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AutoSet.dll
[2007/10/28 17:45:11 | 000,000,756 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2007/07/29 08:10:08 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/06/22 18:10:54 | 000,000,125 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2007/06/19 18:51:00 | 000,000,163 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007/06/19 18:48:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\hpdjz3100.ini
[2007/06/19 18:45:11 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hplj5200m.ini
[2007/05/20 04:54:49 | 000,059,904 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/19 15:09:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/05/05 13:02:42 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/05/05 10:31:09 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2007/05/05 10:31:09 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/05/02 20:17:53 | 000,000,074 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2007/05/01 18:14:19 | 000,000,230 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/01 16:47:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/04/16 18:30:10 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLea.DAT
[2007/04/16 03:34:35 | 000,242,688 | ---- | C] () -- C:\WINDOWS\System32\ISP2003.dll
[2007/04/16 03:22:26 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/15 21:37:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/04/15 14:35:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/04/15 14:34:04 | 003,695,568 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/04/15 13:54:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/04/15 13:48:16 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/03/26 09:14:54 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\HPDevEnm.dll
[2007/02/16 18:48:38 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2006/11/24 12:09:58 | 000,180,720 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/03 07:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 06:48:18 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,596,696 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/23 08:00:00 | 000,542,976 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,127,792 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/23 08:00:00 | 000,097,500 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/06 10:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997/06/14 04:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2013/09/08 02:58:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\Acronis
[2013/09/26 10:23:23 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\AVG2014
[2009/03/05 20:33:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\.BitTornado
[2007/04/16 19:11:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\ACD Systems
[2012/06/24 12:32:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Acronis
[2013/06/20 02:18:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Amazon
[2009/12/05 13:04:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AnvSoft
[2009/07/29 04:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Any Video Converter Professional
[2012/10/11 15:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AskToolbar
[2013/09/26 10:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AVG2014
[2010/04/14 21:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\AVG9
[2007/05/17 08:33:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\CD-LabelPrint
[2014/01/06 10:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\chc
[2014/01/06 10:09:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/18 17:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\DDMSettings
[2014/05/26 05:25:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox
[2014/05/26 05:25:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\DropboxMaster
[2013/11/05 18:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\dRS4photo
[2010/11/14 09:31:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\dRS4photo.CC441639FAB643879327A3CEA2D410C2594D7DBE.1
[2014/05/18 12:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\FileZilla
[2012/11/07 05:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Jablotron
[2012/06/24 11:26:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\netdesigner
[2007/04/16 18:46:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Nikon
[2007/09/23 10:08:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Opera
[2012/10/30 13:16:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Samsung
[2007/06/23 21:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\SlySoft
[2013/07/24 09:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\TeamViewer
[2014/05/26 05:16:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\uTorrent
[2010/11/12 16:43:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Windows Desktop Search
[2011/03/06 08:44:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Windows Search
[2012/10/30 13:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Samsung
[2014/05/26 03:19:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
[2013/10/31 01:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems
[2013/09/08 03:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2008/01/18 05:17:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avery
[2013/09/26 10:23:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
[2012/05/08 17:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg9
[2007/05/01 16:46:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/03/15 03:48:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2007/11/22 15:31:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverInfo
[2007/08/05 12:32:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2007/04/16 18:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp
[2011/01/29 18:26:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2008/07/10 15:27:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2014/05/26 03:32:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2009/02/04 13:53:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nikon
[2007/12/30 07:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase One
[2008/05/23 07:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2012/08/20 14:28:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2007/06/22 18:11:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2009/12/12 15:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2007/04/16 18:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15
[2008/11/24 02:25:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2014/05/26 04:10:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2014/05/25 14:40:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2014/05/25 13:06:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2014/05/25 08:00:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2014/05/26 07:45:39 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/05/11 09:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/05/26 07:45:38 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
[2014/05/26 07:45:37 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job
[2014/05/26 07:51:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 48 bytes -> C:\WINDOWS:485C605C8F59BA9C
@Alternate Data Stream - 171 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
< End of report >
         
bekam beim Starten die Meldung
--------------
RUNDLL
Fehler beim Laden von
c:\dokumen~1\alluse~1\727081~1\hclg9dol.cpp

Das angegebene Modul wurde nicht gefunden
--------------

Sonst scheint alles (auch der IE) zu funktionieren. Lasse jetzt nochmals einen SpyHunter drüberlaufen...

wars das dann oder soll ich nochwas tun /bzw ändern?

Alt 26.05.2014, 13:27   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Standard

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart



Hi,

erstmal Finger weg von Spyhunter, das ist Fake.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 27.05.2014, 07:24   #3
Plini
 
Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Standard

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart



Hier ist FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by Harald Sahling (administrator) on INTELLISTATION1 on 27-05-2014 10:10:31
Running from C:\Dokumente und Einstellungen\Harald Sahling\Desktop
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Enigma Software Group USA, LLC.) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
(Nero AG) C:\Programme\Nero\Update\NASvc.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgemcx.exe
(Microsoft Corp.) C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TeamViewer GmbH) C:\Programme\TeamViewer\Version7\TeamViewer.exe
(CANON INC.) C:\Programme\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe
(Creative Technology Ltd) C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
(Microsoft Corporation) C:\Programme\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Programme\Microsoft IntelliPoint\ipoint.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version7\tv_w32.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Programme\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Company) C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe
(EIZO NANAO CORPORATION) C:\Programme\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
(Hewlett-Packard) C:\Programme\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe
(Hewlett-Packard Company) C:\Programme\Hewlett-Packard\HP Printer Utility\HPPU.exe
(Acronis) C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Programme\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\WINDOWS\system32\UMonit.exe
(Ask) C:\Programme\Ask.com\Updater\Updater.exe
(Samsung Electronics Co., Ltd.) C:\Programme\Samsung\AllShare\AllShareAgent.exe
() C:\Programme\Assmann\USB Device Server\Control Center.exe
(Microsoft Corp.) C:\Programme\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgui.exe
(Enigma Software Group USA, LLC.) C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SlySoft, Inc.) C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe
(AMD) C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
(Akamai Technologies, Inc.) C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Programme\Hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
() C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Microsoft Corporation) C:\Programme\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Programme\Windows Live\Messenger\msnmsgr.exe
() C:\Programme\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
(Microsoft Corporation) C:\Programme\Windows Desktop Search\WindowsSearch.exe
(Dropbox, Inc.) C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Programme\Hp\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATIPTA] => C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2007-02-16] (ATI Technologies, Inc.)
HKLM\...\Run: [NWEReboot] => [X]
HKLM\...\Run: [PDUiP6700DMon] => C:\Programme\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe [61440 2006-03-16] (CANON INC.)
HKLM\...\Run: [Easy-PrintToolBox] => C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [CTSysVol] => C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [57344 2005-10-31] (Creative Technology Ltd)
HKLM\...\Run: [P17Helper] => C:\WINDOWS\system32\P17.dll [64512 2005-05-03] ()
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [itype] => C:\Programme\Microsoft IntelliType Pro\itype.exe [576320 2006-07-08] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Programme\Microsoft IntelliPoint\ipoint.exe [600896 2006-07-08] (Microsoft Corporation)
HKLM\...\Run: [KnexStarter] => C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe [81920 2007-03-26] (Hewlett-Packard Company)
HKLM\...\Run: [HP Designjet Z3100 Photo Series] => C:\Programme\HP Designjet Z3100 Photo Series\Setup.exe [163840 2007-05-07] ()
HKLM\...\Run: [RunTasktray] => C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe [69120 2007-03-26] (Hewlett-Packard Company)
HKLM\...\Run: [ScreenManager Pro for LCD] => C:\Programme\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [10913320 2007-04-20] (EIZO NANAO CORPORATION)
HKLM\...\Run: [RegistryMechanic] => [X]
HKLM\...\Run: [FRYMXINS] => "C:\Programme\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [HP Software Update] => C:\Programme\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PUStarter] => C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe [73728 2011-05-05] (Hewlett-Packard Company)
HKLM\...\Run: [RunPUTasktray] => C:\Programme\Hewlett-Packard\HP Printer Utility\HPPU.exe [68608 2011-05-05] (Hewlett-Packard Company)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [5957352 2011-08-05] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [403592 2011-08-05] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM\...\Run: [UMonit] => C:\WINDOWS\system32\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [ApnUpdater] => C:\Programme\Ask.com\Updater\Updater.exe [1557160 2012-04-09] (Ask)
HKLM\...\Run: [NBAgent] => C:\Programme\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1485096 2011-07-15] (Nero AG)
HKLM\...\Run: [AllShareAgent] => C:\Programme\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [KCodes UDS Control Center] => C:\Programme\Assmann\USB Device Server\Control Center.exe [4910592 2011-05-30] ()
HKLM\...\Run: [DivXMediaServer] => C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM\...\Run: [Bing Bar] => C:\Programme\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM\...\Run: [Microsoft Default Manager] => C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Programme\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DivXUpdate] => C:\Programme\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [SpyHunter Security Suite] => C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe [6434176 2014-01-09] (Enigma Software Group USA, LLC.)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Programme\Gemeinsame Dateien\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [AnyDVD] => C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe [6287008 2012-08-16] (SlySoft, Inc.)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [HydraVisionDesktopManager] => C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [368640 2007-07-25] (AMD)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [Akamai NetSession Interface] => C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Programme\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [WMPNSCFG] => C:\Programme\Windows Media Player\WMPNSCFG.exe [204288 2006-11-03] (Microsoft Corporation)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [msnmsgr] => C:\Programme\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\Policies\Explorer: [NoDriveAutoRun] 0x00000000
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\MountPoints2: G - G:\TVCenterPro.exe -autorun
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\MountPoints2: {92de9e13-7bee-11dd-98d0-000d3aa379a4} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SanDisk-Games.exe
HKU\S-1-5-21-1547161642-602162358-725345543-1003\...\MountPoints2: {ee888388-2849-11dd-9667-000d3aa379a4} - G:\TVCenterPro.exe -autorun
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Programme\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
ShortcutTarget: explorer.lnk -> c:\dokume~1\alluse~1\anwend~1\727081~1\hclg9dol.cpp (No File)
Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\PMCRemoteLauncher.lnk
ShortcutTarget: PMCRemoteLauncher.lnk -> C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Pinnacle\TVC\Tools\PMCRemoteCtrl.exe (Pinnacle Systems)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=at&nt=1
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - blank No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - @C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.ipix.com/viewers/ipixx.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2DAD3559-2923-4935-AD49-B673D2539944} https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176666679466
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll (Hewlett-Packard Company)
Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
Handler: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll (Hewlett-Packard Company)
Handler: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
Handler: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
Handler: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Programme\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company)
Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - blank No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Microsoft.com/NpWinExt,version=5.0 - C:\Programme\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\GEMEIN~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF Plugin: Adobe Acrobat - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2009-07-07]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-08-20]
FF HKLM\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Programme\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Programme\MSN Toolbar\Platform\5.0.1449.0\Firefox [2013-07-24]

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [809192 2011-08-05] (Acronis)
R2 afcdpsrv; C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe [3442640 2012-06-24] (Acronis)
R2 avgfws; C:\Programme\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Programme\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Programme\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-08-29] (Apple Inc.)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2010-05-28] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2010-05-28] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Programme\HP\Digital Imaging\bin\HPSLPSVC32.DLL [701288 2010-05-28] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [153376 2011-10-03] (Sun Microsystems, Inc.)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation)
R2 NAUpdate; C:\Programme\Nero\Update\NASvc.exe [690472 2011-07-22] (Nero AG)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [225280 2005-05-11] (O&O Software GmbH)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 SamsungAllShareV2.0; C:\Programme\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226656 2009-01-14] (Microsoft Corp.)
S3 SimpleSlideShowServer; C:\Programme\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 SpyHunter 4 Service; C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
S2 syncagentsrv; C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe [6495504 2011-08-05] (Acronis)
R2 TeamViewer7; C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe [2849120 2013-02-22] (TeamViewer GmbH)
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [121208 2012-05-02] (SlySoft, Inc.)
R3 AssmannUDSMBus; C:\WINDOWS\System32\Drivers\AssmannUDSMBus.sys [86912 2011-05-06] (Windows (R) Codename Longhorn DDK provider)
S3 AssmannUDSTcpBus; C:\WINDOWS\System32\Drivers\AssmannUDSTcpBus.sys [139648 2011-05-06] (Windows (R) Codename Longhorn DDK provider)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 cvspydr2; C:\WINDOWS\System32\DRIVERS\cvspydr2.sys [33024 2002-04-02] (Colorvision Inc)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 esgiguard; C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [12288 2014-01-07] ()
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
S3 GeneStor; C:\WINDOWS\System32\DRIVERS\GeneStor.sys [54784 2011-05-18] (GenesysLogic)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2010-02-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2010-02-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2010-02-01] (HP)
S3 ivusb; C:\WINDOWS\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 mod7700; C:\WINDOWS\System32\Drivers\mod7700.sys [554240 2007-12-11] (DiBcom SA)
R3 MODRC; C:\WINDOWS\System32\DRIVERS\modrc.sys [13824 2007-11-09] (DiBcom S.A.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 P17; C:\WINDOWS\System32\drivers\P17.sys [1389056 2005-07-07] (Creative Technology Ltd.)
S3 scsiscan; C:\WINDOWS\System32\DRIVERS\scsiscan.sys [11520 2008-04-13] (Microsoft Corporation)
R0 SI3124r; C:\WINDOWS\System32\DRIVERS\SI3124R.sys [100881 2004-02-03] (Silicon Image, Inc)
R0 Si3124r5; C:\WINDOWS\System32\DRIVERS\Si3124r5.sys [207152 2006-09-20] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [17328 2006-07-13] (Silicon Image, Inc.)
S3 Spyder3; C:\WINDOWS\System32\DRIVERS\Spyder3.sys [12288 2007-12-12] ()
R0 symmpi; C:\WINDOWS\System32\drivers\symmpi.sys [37760 2003-05-23] (LSI Logic)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [766208 2012-06-24] (Acronis)
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [126112 2012-06-24] (Acronis)
R0 vidsflt58; C:\WINDOWS\System32\DRIVERS\vsflt58.sys [84512 2012-06-24] (Acronis)
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 Pcouffin; System32\Drivers\Pcouffin.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 10:10 - 2014-05-27 10:10 - 00033862 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\FRST.txt
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\FRST
2014-05-27 10:09 - 2014-05-27 10:09 - 01056256 _____ (Farbar) C:\Dokumente und Einstellungen\Harald Sahling\Desktop\FRST.exe
2014-05-26 19:35 - 2011-07-13 04:55 - 02237440 ____R (OldTimer Tools) C:\OTLPE.exe
2014-05-26 19:34 - 2014-05-26 19:34 - 00003044 _____ () C:\05262014_133017.log
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\_OTL
2014-05-26 18:58 - 2014-05-26 18:58 - 00104104 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\OTL.txt
2014-05-26 18:52 - 2014-05-26 21:06 - 00103858 _____ () C:\OTL.Txt
2014-05-26 17:52 - 2014-05-26 17:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-05-26 17:52 - 2014-05-26 17:52 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Adobe
2014-05-26 17:32 - 2014-05-26 17:32 - 00001203 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Illustrator CS6.lnk
2014-05-26 17:32 - 2014-05-26 17:32 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ALM
2014-05-26 17:31 - 2014-05-26 17:31 - 00000788 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Bridge CS6.lnk
2014-05-26 17:29 - 2014-05-26 17:29 - 00001116 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe ExtendScript Toolkit CS6.lnk
2014-05-26 17:29 - 2014-05-26 17:29 - 00000972 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Extension Manager CS6.lnk
2014-05-26 17:28 - 2014-05-26 17:28 - 00000708 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Help.lnk
2014-05-26 16:39 - 2014-05-26 16:39 - 00068220 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-05-26 16:34 - 2014-05-26 16:34 - 00000000 ___HD () C:\WINDOWS\PIF
2014-05-26 15:51 - 2014-05-26 15:51 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\TuneUp Software
2014-05-26 15:51 - 2014-05-26 15:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-05-26 15:17 - 2014-05-26 15:17 - 00000341 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\TVCenter Pro.lnk
2014-05-26 13:46 - 2014-05-26 13:52 - 00003831 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-4048-F.txt
2014-05-26 13:39 - 2014-05-26 13:41 - 00001195 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3916-F.txt
2014-05-26 11:11 - 2014-05-26 11:35 - 00013688 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-2256-F.txt
2014-05-26 10:55 - 2014-05-26 10:56 - 00000472 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3792-F.txt
2014-05-26 10:43 - 2014-05-26 10:52 - 00005209 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3860-F.txt
2014-05-26 10:28 - 2014-05-26 10:33 - 00003180 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3976-F.txt
2014-05-26 10:12 - 2014-05-26 10:19 - 00004082 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1640-F.txt
2014-05-26 10:07 - 2014-05-26 10:10 - 00001741 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1784-F.txt
2014-05-26 10:01 - 2014-05-26 10:04 - 00001679 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-4024-F.txt
2014-05-26 09:55 - 2014-05-26 09:55 - 00000236 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3864-F.txt
2014-05-26 09:51 - 2014-05-26 09:52 - 00000951 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-588-F.txt
2014-05-26 09:48 - 2014-05-26 09:48 - 00000000 __SHD () C:\WINDOWS\CSC
2014-05-26 09:46 - 2014-05-26 09:46 - 00000236 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1792-F.txt
2014-05-26 09:39 - 2014-05-26 09:41 - 00000786 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-840-F.txt
2014-05-26 09:27 - 2014-05-26 09:36 - 00005150 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3928-F.txt
2014-05-26 09:23 - 2014-05-26 09:23 - 00000353 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-37456-F.txt
2014-05-26 09:19 - 2014-05-26 21:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
2014-05-16 08:10 - 2014-05-16 08:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Steidl
2014-05-14 03:03 - 2014-05-14 03:03 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\DESIGNER
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2014-05-03 03:00 - 2014-05-03 03:01 - 00007027 _____ () C:\WINDOWS\KB2964358-IE8.log

==================== One Month Modified Files and Folders =======

2014-05-27 10:11 - 2012-10-11 19:18 - 00000244 _____ () C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2014-05-27 10:10 - 2014-05-27 10:10 - 00033862 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\FRST.txt
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\FRST
2014-05-27 10:10 - 2012-11-13 20:06 - 00000448 _____ () C:\WINDOWS\Tasks\At1.job
2014-05-27 10:09 - 2014-05-27 10:09 - 01056256 _____ (Farbar) C:\Dokumente und Einstellungen\Harald Sahling\Desktop\FRST.exe
2014-05-27 10:03 - 2012-05-08 23:19 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2014-05-27 09:24 - 2012-04-12 21:08 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-27 09:21 - 2007-04-15 20:57 - 00032506 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-27 03:00 - 2007-04-15 21:51 - 01462775 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-27 02:00 - 2012-06-25 23:18 - 00000364 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-INTELLISTATION1-Harald Sahling.job
2014-05-26 21:09 - 2014-05-26 09:19 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\72708163A29C273D7EF0E798417733CC
2014-05-26 21:06 - 2014-05-26 18:52 - 00103858 _____ () C:\OTL.Txt
2014-05-26 20:40 - 2012-11-13 20:06 - 00000448 _____ () C:\WINDOWS\Tasks\At2.job
2014-05-26 19:34 - 2014-05-26 19:34 - 00003044 _____ () C:\05262014_133017.log
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\_OTL
2014-05-26 19:19 - 2007-04-15 20:37 - 00000335 _____ () C:\WINDOWS\wiadebug.log
2014-05-26 19:06 - 2012-11-13 20:06 - 00000448 _____ () C:\WINDOWS\Tasks\At3.job
2014-05-26 18:58 - 2014-05-26 18:58 - 00104104 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\OTL.txt
2014-05-26 18:13 - 2009-05-08 18:58 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Eigene Dateien\Eigene Scans
2014-05-26 17:52 - 2014-05-26 17:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-05-26 17:52 - 2014-05-26 17:52 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Adobe
2014-05-26 17:52 - 2007-04-16 21:03 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Adobe
2014-05-26 17:51 - 2013-07-08 21:45 - 00085600 _____ () C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2014-05-26 17:34 - 2012-06-25 23:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
2014-05-26 17:32 - 2014-05-26 17:32 - 00001203 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Illustrator CS6.lnk
2014-05-26 17:32 - 2014-05-26 17:32 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ALM
2014-05-26 17:32 - 2007-04-15 20:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-05-26 17:31 - 2014-05-26 17:31 - 00000788 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Bridge CS6.lnk
2014-05-26 17:31 - 2007-04-16 20:58 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Adobe
2014-05-26 17:31 - 2007-04-16 20:58 - 00000000 ____D () C:\Programme\Adobe
2014-05-26 17:29 - 2014-05-26 17:29 - 00001116 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe ExtendScript Toolkit CS6.lnk
2014-05-26 17:29 - 2014-05-26 17:29 - 00000972 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Extension Manager CS6.lnk
2014-05-26 17:29 - 2007-04-16 20:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2014-05-26 17:28 - 2014-05-26 17:28 - 00000708 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Help.lnk
2014-05-26 16:41 - 2013-09-26 16:15 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Avg2014
2014-05-26 16:39 - 2014-05-26 16:39 - 00068220 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-05-26 16:37 - 2007-04-16 21:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-05-26 16:34 - 2014-05-26 16:34 - 00000000 ___HD () C:\WINDOWS\PIF
2014-05-26 16:34 - 2010-10-15 03:30 - 00994550 _____ () C:\WINDOWS\setupapi.log
2014-05-26 16:29 - 2014-02-06 13:07 - 00000000 ___RD () C:\Dokumente und Einstellungen\Harald Sahling\Eigene Dateien\Dropbox
2014-05-26 16:29 - 2014-02-06 13:06 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\DropboxMaster
2014-05-26 16:29 - 2014-02-06 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox
2014-05-26 16:29 - 2014-01-02 09:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Tracing
2014-05-26 16:26 - 2014-04-06 21:17 - 00000240 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2014-05-26 16:26 - 2013-01-30 20:05 - 00000334 _____ () C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job
2014-05-26 16:26 - 2013-01-25 09:49 - 00000334 _____ () C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
2014-05-26 16:26 - 2007-04-15 20:37 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-05-26 16:26 - 2007-04-15 19:51 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-26 16:26 - 2001-08-23 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-26 16:25 - 2007-09-04 12:12 - 00150738 _____ () C:\WINDOWS\system32\OODBS.lor
2014-05-26 16:24 - 2009-10-31 14:13 - 00393216 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-05-26 16:24 - 2007-04-15 20:58 - 00000300 ___SH () C:\Dokumente und Einstellungen\Harald Sahling\ntuser.ini
2014-05-26 16:14 - 2007-04-15 20:58 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling
2014-05-26 16:13 - 2012-05-07 23:55 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\uTorrent
2014-05-26 15:51 - 2014-05-26 15:51 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\TuneUp Software
2014-05-26 15:51 - 2014-05-26 15:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-05-26 15:49 - 2014-04-07 08:57 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG Eigenständige Version von Link Scanner
2014-05-26 15:49 - 2013-09-26 16:17 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
2014-05-26 15:17 - 2014-05-26 15:17 - 00000341 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\TVCenter Pro.lnk
2014-05-26 13:52 - 2014-05-26 13:46 - 00003831 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-4048-F.txt
2014-05-26 13:41 - 2014-05-26 13:39 - 00001195 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3916-F.txt
2014-05-26 13:39 - 2007-04-15 20:58 - 00000000 ___RD () C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart
2014-05-26 11:35 - 2014-05-26 11:11 - 00013688 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-2256-F.txt
2014-05-26 11:22 - 2014-02-06 13:07 - 00001075 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Dropbox.lnk
2014-05-26 11:22 - 2014-02-06 13:06 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Dropbox
2014-05-26 10:56 - 2014-05-26 10:55 - 00000472 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3792-F.txt
2014-05-26 10:52 - 2014-05-26 10:43 - 00005209 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3860-F.txt
2014-05-26 10:33 - 2014-05-26 10:28 - 00003180 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3976-F.txt
2014-05-26 10:19 - 2014-05-26 10:12 - 00004082 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1640-F.txt
2014-05-26 10:10 - 2014-05-26 10:07 - 00001741 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1784-F.txt
2014-05-26 10:08 - 2014-04-14 18:08 - 00001971 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\SpyHunter.lnk
2014-05-26 10:04 - 2014-05-26 10:01 - 00001679 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-4024-F.txt
2014-05-26 09:55 - 2014-05-26 09:55 - 00000236 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3864-F.txt
2014-05-26 09:52 - 2014-05-26 09:51 - 00000951 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-588-F.txt
2014-05-26 09:48 - 2014-05-26 09:48 - 00000000 __SHD () C:\WINDOWS\CSC
2014-05-26 09:46 - 2014-05-26 09:46 - 00000236 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-1792-F.txt
2014-05-26 09:41 - 2014-05-26 09:39 - 00000786 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-840-F.txt
2014-05-26 09:36 - 2014-05-26 09:27 - 00005150 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-3928-F.txt
2014-05-26 09:23 - 2014-05-26 09:23 - 00000353 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUNDLL32.EXE-37456-F.txt
2014-05-25 14:00 - 2012-11-13 20:06 - 00000448 _____ () C:\WINDOWS\Tasks\At4.job
2014-05-21 09:37 - 2013-09-26 16:23 - 00000698 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2014.lnk
2014-05-18 18:25 - 2010-09-18 00:51 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\FileZilla
2014-05-16 08:35 - 2007-04-16 07:37 - 00108346 ____C () C:\WINDOWS\wmsetup.log
2014-05-16 08:20 - 2014-05-16 08:10 - 00000000 ____D () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Steidl
2014-05-14 03:12 - 2010-11-12 21:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2014-05-14 03:10 - 2013-08-15 03:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 03:04 - 2007-04-16 08:12 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 03:03 - 2014-05-14 03:03 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\DESIGNER
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-05-13 14:17 - 2013-09-02 10:28 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2012-04-19 04:50 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2012-03-19 05:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2014-05-11 15:01 - 2014-04-06 21:17 - 00000234 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2014-05-09 11:46 - 2010-06-24 00:01 - 00128512 __SHC () C:\Dokumente und Einstellungen\Harald Sahling\Desktop\Thumbs.db
2014-05-03 03:01 - 2014-05-03 03:00 - 00007027 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-03 03:01 - 2010-04-01 09:24 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-05-03 03:01 - 2007-04-17 03:00 - 00479346 ____C () C:\WINDOWS\updspapi.log
2014-05-03 03:01 - 2007-04-16 07:39 - 00554894 _____ () C:\WINDOWS\netfxocm.log
2014-05-03 03:01 - 2007-04-16 07:39 - 00159127 _____ () C:\WINDOWS\tabletoc.log
2014-05-03 03:01 - 2007-04-16 07:37 - 00220966 _____ () C:\WINDOWS\medctroc.Log
2014-05-03 03:01 - 2007-04-15 20:35 - 03282451 _____ () C:\WINDOWS\FaxSetup.log
2014-05-03 03:01 - 2007-04-15 20:35 - 01595741 _____ () C:\WINDOWS\iis6.log
2014-05-03 03:01 - 2007-04-15 20:35 - 01574605 _____ () C:\WINDOWS\ocgen.log
2014-05-03 03:01 - 2007-04-15 20:35 - 01506048 _____ () C:\WINDOWS\tsoc.log
2014-05-03 03:01 - 2007-04-15 20:35 - 01037230 _____ () C:\WINDOWS\comsetup.log
2014-05-03 03:01 - 2007-04-15 20:35 - 01003604 _____ () C:\WINDOWS\msmqinst.log
2014-05-03 03:01 - 2007-04-15 20:35 - 00629785 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-03 03:01 - 2007-04-15 20:35 - 00171380 _____ () C:\WINDOWS\ocmsn.log
2014-05-03 03:01 - 2007-04-15 20:35 - 00164675 _____ () C:\WINDOWS\msgsocm.log
2014-05-03 03:01 - 2007-04-15 20:35 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-04-30 10:13 - 2007-01-04 15:40 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 10:13 - 2004-09-29 10:03 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp68mvgz.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2001-08-23 14:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\WINDOWS\system32\winlogon.exe
[2001-08-23 14:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\WINDOWS\system32\svchost.exe
[2001-08-23 14:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\WINDOWS\system32\services.exe
[2001-08-23 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\WINDOWS\system32\User32.dll
[2001-08-23 14:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\WINDOWS\system32\userinit.exe
[2001-08-23 14:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\WINDOWS\system32\rpcss.dll
[2007-04-16 03:04] - [2009-02-09 12:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2001-08-23 14:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---


dabei gefällt mir diese Zeile nicht:
Startup: C:\Dokumente und Einstellungen\Harald Sahling\Startmenü\Programme\Autostart\explorer.lnk
ShortcutTarget: explorer.lnk -> c:\dokume~1\alluse~1\anwend~1\727081~1\hclg9dol.cpp (No File)

addition kommt in neuem Beitrag
__________________

Alt 27.05.2014, 07:26   #4
Plini
 
Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Standard

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart



und die addition (ist halt schon ein altes System - daher lang)
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2014 02
Ran by Harald Sahling at 2014-05-27 10:11:59
Running from C:\Dokumente und Einstellungen\Harald Sahling\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ACDSee 8 (HKLM\...\{AE80641A-0C8D-4670-A518-B4EC154B1027}) (Version: 8.0.39 - ACD Systems Ltd.)
ACDSee Foto-Manager 2009 (HKLM\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.113 - ACD Systems International)
Acronis*True*Image*Home 2012 (HKLM\...\{D496F7BC-6AE5-4A3E-85E6-605BDF92AFD8}Visible) (Version: 15.0.5060 - Acronis)
Acronis*True*Image*Home 2012 (Version: 15.0.5060 - Acronis) Hidden
Adobe Acrobat - Reader 6.0.2 Update (HKLM\...\{AC76BA86-0000-0000-0000-6028747ADE01}) (Version: 6.0.2 - Adobe Systems)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Atmosphere Player for Acrobat and Adobe Reader (HKLM\...\Adobe Atmosphere Player) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (Version: 1.0.8 - Adobe Systems) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Any Video Converter Professional 3.0.1 (HKLM\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.0.7.0 - SlySoft)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.1.0 - Ask.com) <==== ATTENTION
ATI - Dienstprogramm zur Deinstallation der Software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0211.2224 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.583-090211a-077157C-ATI - )
ATI Hydravision APS (HKLM\...\{CBBCD044-B406-4C41-A3DD-99DE6F0004D2}) (Version: 4.0.0.1 - ATI Technologies Inc.)
ATI Systemsteuerung (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5194 - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
Bing Bar (HKLM\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}) (Version: 1.0.105 - Apple Inc.)
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
Canon iP6700D (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP6700D) (Version:  - )
Canon iP6700D Benutzerregistrierung (HKLM\...\Canon iP6700D Benutzerregistrierung) (Version:  - )
Canon iP6700D Memory Card Utility (HKLM\...\MCU PDUiP6700DMon.exe) (Version:  - )
Canon PhotoRecord (HKLM\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon PRO-1 v1-1 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_PRO-1_v1-1_series) (Version:  - Canon Inc.)
Canon Utilities Easy-PhotoPrint (HKLM\...\Easy-PhotoPrint) (Version:  - )
Canon Utilities Easy-PrintToolBox (HKLM\...\Easy-PrintToolBox) (Version:  - )
Capture One 5.1 (HKLM\...\CaptureOne5_is1) (Version: 5.1.38846.44 - Phase One A/S)
Catalyst Control Center Core Implementation (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2009.0211.2225.40219 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2009.0211.2225.40219 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Czech (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Danish (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Dutch (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help English (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Finnish (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help French (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help German (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Greek (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Italian (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Japanese (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Korean (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Polish (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Russian (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Spanish (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Swedish (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Thai (Version: 2009.0211.2224.40219 - ATI) Hidden
CCC Help Turkish (Version: 2009.0211.2224.40219 - ATI) Hidden
ccc-core-preinstall (Version: 2009.0211.2225.40219 - ATI) Hidden
ccc-core-static (Version: 2009.0211.2225.40219 - ATI) Hidden
ccc-utility (Version: 2009.0211.2225.40219 - ATI) Hidden
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Chord Pickout 1.6 (HKLM\...\Chord Pickout) (Version: 1.6 - ChordPickout.com)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version:  - )
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Digital Picture Recovery (HKLM\...\Digital Picture Recovery) (Version: 2.1.2.8 - dtidata.com)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version:  - )
FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - )
FireGL driver for 3D Studio MAX/VIZ (HKLM\...\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}) (Version: 6.14.10.5015 - )
Foto Fayer Online Service (HKLM\...\dRS4photo.CC441639FAB643879327A3CEA2D410C2594D7DBE.1) (Version: v1.0.0.0017 - UNKNOWN)
Foto Fayer Online Service (Version: 1.0.0 - UNKNOWN) Hidden
Genesys USB Mass Storage Device (HKLM\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.2.0 - Genesys Logic)
Google Chrome (HKLM\...\Google Chrome) (Version: 23.0.1271.95 - Google Inc.)
Google Update Helper (Version: 1.3.21.123 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
High-Definition Video Playback (Version: 11.0.12200.1.158 - Nero AG) Hidden
Hotfix für Windows Internet Explorer 7 (KB947864) (Version: 1 - Microsoft Corporation) Hidden
Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
Hotfix für Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
HP Easy Printer Care (HKLM\...\HP Easy Printer Care) (Version:  - Hewlett-Packard Co.)
HP Easy Printer Care (Version: 2.1.1.1 - Hewlett-Packard) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{98D64F70-1BE2-4E06-A58E-50FF642B3F24}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Printer Settings Tools (Version: 2.1.0.75 - Hewlett-Packard) Hidden
HP Printer Usage Report (Version: 2.1.0.57 - Hewlett-Packard) Hidden
HP Proactive Services (HKLM\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Utility (HKLM\...\{1F6B1F24-1CAD-435D-B45E-9B7C858D9931}) (Version: 1.14.1.9 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HydraVision (HKLM\...\{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}) (Version: 4.0.2.0 - ATI Technologies Inc.)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
J2SE Runtime Environment 5.0 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150050}) (Version: 1.5.0.50 - Sun Microsystems, Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java SATARaid (HKLM\...\{BB533746-CF08-11D7-BCF1-005004748D87}) (Version:  - )
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
Java(TM) 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java(TM) SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 7.1.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
KODAK DCS Photo Desk (HKLM\...\{4B76A1E5-490F-4B9B-B075-1B622FE21245}) (Version:  - )
Komponenten der Betriebssystemkommunikation (Version: 2.0.8 - Hewlett-Packard) Hidden
Komponenten der Ereigniskommunikation (Version: 2.3.1.1 - Hewlett-Packard) Hidden
Komponenten der Gerätedatenkommunikation (Version: 2.3.1.1 - Hewlett-Packard) Hidden
Komponenten der Kernkommunikation (Version: 2.3.1.1 - Hewlett-Packard) Hidden
Macromedia Dreamweaver 8 (HKLM\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Dreamweaver MX 2004 (HKLM\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Macromedia Extension Manager (HKLM\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C314CE45-3392-3B73-B4E1-139CD41CA933}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 German Language Pack (HKLM\...\Microsoft .NET Framework 3.0 German Language Pack) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.0 German Language Pack (Version: 3.0.04506.30 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Default Manager (Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 6.01 (HKLM\...\{6C117F31-28A8-4477-BE91-64AC0A2204AD}) (Version: 6.01.250.0 - Microsoft)
Microsoft IntelliType Pro 6.01 (HKLM\...\{D75915D3-6CFF-445F-A346-18ED6EF2F618}) (Version: 6.01.250.0 - Microsoft)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1 (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
mp3Tag 5.91 (HKLM\...\mp3Tag_is1) (Version:  - ManiacTools.com)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
Multifunction Network Server  (HKLM\...\{17DEA3ED-86EA-4D28-849C-20CB030F4963}) (Version: 1.92 - Ihr Firmenname)
Nero 11 (HKLM\...\{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}) (Version: 11.0.10100 - Nero AG)
Nero 11 Cliparts (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Disc Menus 1 (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 2 (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus 3 (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Effects Basic (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Image Samples (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 1 (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (Version: 11.0.10600.6.0 - Nero AG) Hidden
Nero 11 Video Samples (Version: 11.0.10600.5.0 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (Version: 6.0.10700.6.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.10000.1.0 - Nero AG)
Nero Burning ROM 11 (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero ControlCenter 11 (Version: 11.0.11900.0.17 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Core Components 11 (Version: 11.0.13500.1.0 - Nero AG) Hidden
Nero CoverDesigner 11 (Version: 6.0.10500.8.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Express 11 (Version: 11.0.10700.12.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Kwik Media (Version: 1.10.14100.42.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Recode 11 (Version: 5.0.11300.15.100 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero RescueAgent 11 (Version: 4.0.10300.7.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero SoundTrax 11 (Version: 5.0.10300.3.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION
Nero Update (Version: 11.0.10022.15.0 - Nero AG) Hidden
Nero Video 11 (Version: 8.0.12900.10.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
Nero WaveEditor 11 (Version: 6.0.10500.3.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10000 - Nero AG) Hidden
nero.prerequisites.msi (Version: 11.0.20001 - Nero AG) Hidden
Nikon Scan (HKLM\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: 4.0 - )
NikonCapture (HKLM\...\{21DDC579-834B-4C14-8122-853994FA2214}) (Version: 4.0 - )
O&O Defrag Professional Edition (HKLM\...\{53480370-6CA2-47EC-BC05-02B4B9271C31}) (Version: 8.0.1398 - O&O Software GmbH)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PENPOWER WorldCard (HKLM\...\{A7623CE0-B5F4-4B0B-BE5E-98F1D0EFD394}) (Version: 6.02.0000 - Penpower)
PhotoRescue PC 2.1.660 (HKLM\...\PhotoRescue PC_is1) (Version:  - DataRescue sa/nv)
Registry Mechanic 5.2 (HKLM\...\Registry Mechanic_is1) (Version: 5.2 - PC Tools Pty. Ltd.)
ReNamer (HKLM\...\ReNamer_is1) (Version: 5.50 - [den4b] Denis Kozlov)
RescuePRO Deluxe (HKLM\...\{E9C303EC-4D5A-473F-9054-2F8498A30D9C}) (Version: 4.2 - LC Technology International Inc)
Samsung AllShare (HKLM\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
ScreenManager Pro for LCD (HKLM\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 2.4.2.0 - EIZO NANAO CORPORATION)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090) (Version: 20070117.120000 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969) (Version: 20061222.120000 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB911564) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB917734) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 11 (KB936782) (HKLM\...\KB936782_WMP11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 9 (KB917734) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923689) (HKLM\...\KB923689) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961371) (HKLM\...\KB961371) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969898) (HKLM\...\KB969898) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971961) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977165) (HKLM\...\KB977165) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
Skins (Version: 2009.0211.2225.40219 - ATI) Hidden
Sony UP-DR150 Printer Driver (HKLM\...\{140B544B-805E-434A-B33E-2B1886A90F81}) (Version: 1.01.000 - )
Sound Blaster Audigy (HKLM\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )
Spyder3Elite (HKLM\...\Spyder3Elite) (Version:  - )
SpyHunter (HKLM\...\{455F074C-814E-4520-B69B-5584BD90400C}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{5A6F6041-013B-4C45-861E-3E2BA6C894B8}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Windows Internet Explorer 7 (KB976749) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows Internet Explorer 7 (KB980182) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
welcome (Version: 11.0.20000.0.0 - Nero AG) Hidden
Wichtiges Update für Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061107.210142 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows Presentation Foundation Language Pack (DEU) (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
XING-Plugin (HKLM\...\{3D4B1570-C236-42B3-B24F-B3AAB422C983}) (Version: 3.4.0 - (c) XING AG)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
Zebra Performance Class Printers (HKLM\...\{38E617E0-4DAC-4743-B109-EA259DF9187A}) (Version: 9.00.00 - Zebra Technologies)
ZebraNet Utilities (HKLM\...\{3D3C6E58-7BAA-11D5-8F8F-0010A4EC0ADE}) (Version:  - Zebra Technologies Corporation)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2001-08-23 14:00 - 2012-06-25 22:58 - 00000850 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-INTELLISTATION1-Harald Sahling.job => C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Programme\Hp\HP Officejet Pro 8600\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Programme\Hp\HP Officejet Pro 8600\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Programme\Hp\HP Officejet Pro 8600\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Programme\Hp\HP Officejet Pro 8600\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Programme\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job => C:\Programme\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Programme\Ask.com\UpdateTask.exe

==================== Loaded Modules (whitelisted) =============

2011-08-05 09:01 - 2011-08-05 09:01 - 00018784 _____ () C:\Programme\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Programme\FileZilla FTP Client\fzshellext.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00301056 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2009-12-05 20:46 - 2010-03-15 11:28 - 00141824 _____ () C:\Programme\WinRAR\rarext.dll
2009-09-13 01:15 - 2006-10-26 20:08 - 00203264 _____ () C:\Programme\mp3Tag 5\tag_menu.dll
2001-08-23 14:00 - 2008-04-14 04:22 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2005-05-03 13:38 - 2005-05-03 13:38 - 00064512 ____R () C:\WINDOWS\system32\P17.dll
2007-03-26 15:14 - 2007-03-26 15:14 - 00126976 _____ () C:\WINDOWS\system32\HPDevEnm.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Programme\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
2011-08-05 12:12 - 2011-08-05 12:12 - 13637608 _____ () C:\Programme\Acronis\TrueImageHome\Common\ti_managers.dll
2012-09-03 08:22 - 2011-05-25 14:08 - 00049152 _____ () C:\WINDOWS\system32\UMonit.exe
2011-05-30 16:55 - 2011-05-30 16:55 - 04910592 _____ () C:\Programme\Assmann\USB Device Server\Control Center.exe
2009-10-31 14:06 - 2009-10-31 14:06 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2008-03-19 18:06 - 2008-03-19 18:00 - 06333954 _____ () C:\Programme\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
2008-03-19 16:38 - 2008-03-19 17:54 - 00327680 _____ () C:\Programme\Datacolor\Spyder3Elite\Utility\CGamma.dll
2008-03-19 16:44 - 2008-03-19 16:37 - 00131072 _____ () C:\Programme\Datacolor\Spyder3Elite\Utility\CSensor.dll
2014-05-26 16:29 - 2014-05-26 16:29 - 00043008 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp68mvgz.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Dokumente und Einstellungen\Harald Sahling\Anwendungsdaten\Dropbox\bin\libcef.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00123904 _____ () C:\Programme\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\AcroIEFavClient.DEU
2007-05-01 22:48 - 2006-04-18 19:04 - 00034304 _____ () C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
2007-05-01 22:48 - 2006-04-18 19:04 - 00064000 _____ () C:\Programme\Canon\Easy-WebPrint\EWPCore.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS:485C605C8F59BA9C
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2014 04:26:48 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80070424): Der angegebene Dienst ist kein installierter Dienst. (Exception from HRESULT: 0x80070424)
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 04:18:13 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80070424): Der angegebene Dienst ist kein installierter Dienst. (Exception from HRESULT: 0x80070424)
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 03:41:50 PM) (Source: MsiInstaller) (EventID: 1013) (User: INTELLISTATION1)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2012 -- SA_Error25001: StandardAction(0xC00761A9): Die Installation kann mit diesem Installationspaket nicht erfolgen, weil eine neuere Version des Produks bereits installiert ist. Sie können das aktuelle Installationspaket herunterladen und ausführen, oder Sie wechseln zu Start -> Einstellungen -> Systemsteuerung -> Software (Programme ändern oder entfernen) und führen zu dem AVG Produkt den Befehl Ändern aus.(NULL)(NULL)(NULL)(NULL)

Error: (05/26/2014 03:14:38 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80070424): Der angegebene Dienst ist kein installierter Dienst. (Exception from HRESULT: 0x80070424)
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 01:46:54 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 01:40:22 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 11:12:01 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 10:44:26 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 10:28:51 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/26/2014 10:13:13 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   at System.Management.ManagementScope.InitializeGuts(Object o)
   at System.Management.ManagementScope.Initialize()
   at System.Management.ManagementEventWatcher.Initialize()
   at System.Management.ManagementEventWatcher.Start()
   at AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()
   at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   at AllShareDMS.AllShareDMS.DoStart()
   at AllShareDMS.AllShareDMS.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (05/27/2014 10:10:00 AM) (Source: Schedule) (EventID: 7901) (User: )
Description: Der Befehl "At1.job" konnte aufgrund folgenden Fehlers nicht ausgeführt werden: 
%%2147942405

Error: (05/26/2014 08:40:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: Der Befehl "At2.job" konnte aufgrund folgenden Fehlers nicht ausgeführt werden: 
%%2147942405

Error: (05/26/2014 07:06:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: Der Befehl "At3.job" konnte aufgrund folgenden Fehlers nicht ausgeführt werden: 
%%2147942405

Error: (05/26/2014 04:19:38 PM) (Source: DCOM) (EventID: 10009) (User: INTELLISTATION1)
Description: DCOM konnte mit dem Computer "GRAPHICSWS" unter Verwendung eines beliebigen, konfigurierten 
Protokolls keine Daten austauschen.

Error: (05/26/2014 01:52:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/26/2014 01:52:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/26/2014 01:51:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/26/2014 01:51:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/26/2014 01:50:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/26/2014 01:50:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Microsoft Office Sessions:
=========================
Error: (11/05/2013 04:38:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 282891 seconds with 4260 seconds of active time.  This session ended with a crash.

Error: (09/19/2013 11:00:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 653 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (08/31/2013 04:05:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9281 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (08/12/2013 11:49:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 274117 seconds with 1620 seconds of active time.  This session ended with a crash.

Error: (07/24/2013 03:06:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23474 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (07/24/2013 07:52:45 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88696 seconds with 2220 seconds of active time.  This session ended with a crash.

Error: (07/24/2013 06:37:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 86287 seconds with 2280 seconds of active time.  This session ended with a crash.

Error: (06/22/2013 10:56:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 79740 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (06/16/2013 05:31:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 252721 seconds with 1080 seconds of active time.  This session ended with a crash.

Error: (04/29/2013 05:35:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69450 seconds with 840 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3583.45 MB
Available physical RAM: 2138.46 MB
Total Pagefile: 5468.36 MB
Available Pagefile: 4033.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:136.73 GB) (Free:77.12 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DATARAID) (Fixed) (Total:34.25 GB) (Free:3.07 GB) NTFS
Drive f: (Raid_2012) (Fixed) (Total:1397.26 GB) (Free:24.08 GB) NTFS
Drive i: (PCTV Flash) (Removable) (Total:0.96 GB) (Free:0.72 GB) FAT32
Drive x: () (Network) (Total:226.4 GB) (Free:70.6 GB) NTFS
Drive y: (Raid_2013) (Network) (Total:1769.89 GB) (Free:69.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 137 GB) (Disk ID: 417FB7F2)
Partition 1: (Active) - (Size=137 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 34 GB) (Disk ID: 444C544E)
No partition Table on disk 1.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: C72C66CF)
Partition 1: (Not Active) - (Size=-698723990528) - (Type=42)

========================================================
Disk: 3 (Size: 997 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
PS Vielen Dank für den Support - echt toll dass es "Euch" gibt - kann man Euch fördern?

Alt 28.05.2014, 09:24   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Standard

Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart



Zitat:
127.0.0.1 activate.adobe.com
Adobe Photoshop CS5 gekauft?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart
adobe, akamai, avg, bho, bonjour, converter, einstellungen, error, esgscanner.sys, firefox, flash player, format, helper, homepage, hängen, logfile, officejet, registry, rundll, scan, security, software, starten, trojaner, virus, windows, windows xp, ändern



Ähnliche Themen: Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart


  1. Tastertur funktioniert nicht richtig nach Systemstart
    Netzwerk und Hardware - 29.08.2014 (1)
  2. GVU Trojaner - abgesicherter Modus lässt sich starten, Screen aber "gesperrt"
    Plagegeister aller Art und deren Bekämpfung - 05.04.2014 (7)
  3. Firefox hat gesperrt, System scheint aber richtig zu laufen Win7 64-bit
    Plagegeister aller Art und deren Bekämpfung - 10.02.2014 (9)
  4. BKA-Trojaner weißer Bildschirm, aber abgesicherter Modus funktioniert auch nicht mehr, Rescue-CDs können nichts finden
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (30)
  5. Windows 7: weißer Bildschirm nach Systemstart (auch im abgesicherter Modus)
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (7)
  6. GVU-Trojaner - Problem gelöst?
    Alles rund um Windows - 29.01.2013 (2)
  7. Systemstart nicht richtig, taskleiste farbänderung, rechner langsam
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (29)
  8. eigenes /etc/init.d Script startet manuell aber nicht beim Systemstart
    Alles rund um Mac OSX & Linux - 16.05.2011 (8)
  9. flacor.dat Fehlermeldung nach jedem Systemstart...aber sonst keine Auffälligkeiten...
    Plagegeister aller Art und deren Bekämpfung - 28.09.2010 (1)
  10. trojaner probs gelöst nach malwarebytes?
    Log-Analyse und Auswertung - 27.07.2009 (43)
  11. System Security, aber Abgesicherter Modus funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 11.06.2009 (0)
  12. System neu aufsetzen, aber wie richtig?
    Plagegeister aller Art und deren Bekämpfung - 04.06.2009 (4)
  13. Probleme mit Trojanern - Selbst gelöst, aber was ist mit anderen Problemen?
    Log-Analyse und Auswertung - 13.01.2009 (1)
  14. WLHack.A in winlogon.exe // jetzt aber richtig?!
    Plagegeister aller Art und deren Bekämpfung - 31.03.2007 (2)
  15. PC Kaufen, aber richtig
    Netzwerk und Hardware - 29.08.2006 (1)
  16. K Ahnung, ob ich hier richtig bin, aber...
    Plagegeister aller Art und deren Bekämpfung - 24.11.2005 (1)
  17. phpBB - wer kennt sich aus? (Threads bewerten, aber richtig!)
    Alles rund um Windows - 31.07.2003 (3)

Zum Thema Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart - Habe/hatte den Virus mit der netten Seite der LPD und Heinzi Fischer... Ich habe mit OTLPE einen Scan gezogen: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 5/26/2014 1:00:56 - Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart...
Archiv
Du betrachtest: Gelöst aber richtig?/ LPD (GVA) Trojaner auf XP mit Verhinderung abgesicherter Systemstart auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.