Hallo noch,
hier nun noch der OTL Log
Das waren bei mir aber 2 FilesOTL Logfile: Code:
OTL Extras logfile created on: 05.09.2011 17:19:57 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = F:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,67% Memory free
3,33 Gb Paging File | 2,66 Gb Available in Paging File | 79,99% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,02 Gb Total Space | 7,80 Gb Free Space | 11,46% Space Free | Partition Type: NTFS
Drive D: | 81,02 Gb Total Space | 13,88 Gb Free Space | 17,14% Space Free | Partition Type: NTFS
Drive F: | 118,04 Mb Total Space | 105,77 Mb Free Space | 89,60% Space Free | Partition Type: FAT32
Computer Name: LENOVO-GEWI1 | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\DATEV\PROGRAMM\DBMSTool\dvpcdbcockpit.exe" = C:\DATEV\PROGRAMM\DBMSTOOL\dvpcdbcockpit.exe:*:Enabled:dvpcdbcockpit.exe -- (DATEV eG)
"C:\DATEV\SYSTEM\DVBSPrintSrvDBRep.exe" = C:\DATEV\SYSTEM\DVBSPrintSrvDBRep.exe:*:Enabled:DVBSPrintSrvDBRep.exe
"C:\DATEV\SYSTEM\DVBSPrintSrvLog.exe" = C:\DATEV\SYSTEM\DVBSPrintSrvLog.exe:*:Enabled:DVBSPrintSrvLog.exe
"C:\DATEV\SYSTEM\PSNTServ.exe" = C:\DATEV\SYSTEM\PSNTServ.exe:*:Enabled:PSNTServ.exe
"C:\DATEV\PROGRAMM\DSERVICE\DVBSPrintSrvTDCTool.exe" = C:\DATEV\PROGRAMM\DSERVICE\DVBSPrintSrvTDCTool.exe:*:Enabled:DVBSPrintSrvTDCTool.exe
"C:\DATEV\PROGRAMM\DSERVICE\Psclean.exe" = C:\DATEV\PROGRAMM\DSERVICE\Psclean.exe:*:Enabled:Psclean.exe
"C:\DATEV\PROGRAMM\INSTALL\Execdll\ExecDllExe.exe" = C:\DATEV\PROGRAMM\INSTALL\Execdll\ExecDllExe.exe:*:Enabled:ExecDllExe.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\INSTALL\Uninstal.exe" = C:\DATEV\PROGRAMM\INSTALL\Uninstal.exe:*:Enabled:Uninstal.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\SRVTOOL\SrvTool.exe" = C:\DATEV\PROGRAMM\SRVTOOL\SrvTool.exe:*:Enabled:SrvTool.exe
"C:\DATEV\PROGRAMM\ASA\WIN32\CLIENT\dbeng6.exe" = C:\DATEV\PROGRAMM\ASA\WIN32\CLIENT\dbeng6.exe:*:Enabled:dbeng6.exe
"C:\DATEV\PROGRAMM\NESYMAND\NesyMand.exe" = C:\DATEV\PROGRAMM\NESYMAND\NesyMand.exe:*:Enabled:NesyMand.exe
"C:\DATEV\SYSTEM\DVNESYTrafo001.exe" = C:\DATEV\SYSTEM\DVNESYTrafo001.exe:*:Enabled:DVNESYTrafo001.exe
"C:\DATEV\PROGRAMM\NESYERF\NesyErf.exe" = C:\DATEV\PROGRAMM\NESYERF\NesyErf.exe:*:Enabled:NesyErf.exe
"C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent -- (McAfee, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent -- (McAfee, Inc.)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\Retrospect\Retrospect 7.5\Retrospect.exe" = C:\Programme\Retrospect\Retrospect 7.5\Retrospect.exe:*:Enabled:Retrospect -- (EMC Corporation)
"C:\DATEV\PROGRAMM\DBMSTool\dvpcdbcockpit.exe" = C:\DATEV\PROGRAMM\DBMSTOOL\dvpcdbcockpit.exe:*:Enabled:dvpcdbcockpit.exe -- (DATEV eG)
"C:\DATEV\SYSTEM\DVBSPrintSrvDBRep.exe" = C:\DATEV\SYSTEM\DVBSPrintSrvDBRep.exe:*:Enabled:DVBSPrintSrvDBRep.exe
"C:\DATEV\SYSTEM\DVBSPrintSrvLog.exe" = C:\DATEV\SYSTEM\DVBSPrintSrvLog.exe:*:Enabled:DVBSPrintSrvLog.exe
"C:\DATEV\SYSTEM\PSNTServ.exe" = C:\DATEV\SYSTEM\PSNTServ.exe:*:Enabled:PSNTServ.exe
"C:\DATEV\PROGRAMM\DSERVICE\DVBSPrintSrvTDCTool.exe" = C:\DATEV\PROGRAMM\DSERVICE\DVBSPrintSrvTDCTool.exe:*:Enabled:DVBSPrintSrvTDCTool.exe
"C:\DATEV\PROGRAMM\DSERVICE\Psclean.exe" = C:\DATEV\PROGRAMM\DSERVICE\Psclean.exe:*:Enabled:Psclean.exe
"C:\DATEV\PROGRAMM\INSTALL\Execdll\ExecDllExe.exe" = C:\DATEV\PROGRAMM\INSTALL\Execdll\ExecDllExe.exe:*:Enabled:ExecDllExe.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\INSTALL\Uninstal.exe" = C:\DATEV\PROGRAMM\INSTALL\Uninstal.exe:*:Enabled:Uninstal.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\SRVTOOL\SrvTool.exe" = C:\DATEV\PROGRAMM\SRVTOOL\SrvTool.exe:*:Enabled:SrvTool.exe
"C:\DATEV\PROGRAMM\ASA\WIN32\CLIENT\dbeng6.exe" = C:\DATEV\PROGRAMM\ASA\WIN32\CLIENT\dbeng6.exe:*:Enabled:dbeng6.exe
"C:\DATEV\PROGRAMM\NESYMAND\NesyMand.exe" = C:\DATEV\PROGRAMM\NESYMAND\NesyMand.exe:*:Enabled:NesyMand.exe
"C:\DATEV\SYSTEM\DVNESYTrafo001.exe" = C:\DATEV\SYSTEM\DVNESYTrafo001.exe:*:Enabled:DVNESYTrafo001.exe
"C:\DATEV\PROGRAMM\NESYERF\NesyErf.exe" = C:\DATEV\PROGRAMM\NESYERF\NesyErf.exe:*:Enabled:NesyErf.exe
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe" = C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia -- (PacketVideo)
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe" = C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer -- ()
"C:\Programme\Retrospect\Retrospect Express HD 2.5\Retrospect.exe" = C:\Programme\Retrospect\Retrospect Express HD 2.5\Retrospect.exe:*:Enabled:Retrospect Express HD -- (EMC Corporation)
"C:\Programme\Retrospect\Retrospect Express HD 2.5\retrorun.exe" = C:\Programme\Retrospect\Retrospect Express HD 2.5\retrorun.exe:*:Enabled:Retrospect Express HD Launcher service -- (EMC Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00040407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0BA6B649-579C-4C8B-8B2D-9DD0A75E6E40}" = Nokia Photos
"{0CFF0BFE-B750-4ECA-882D-03B8C6A9F26A}" = Nokia Ovi Content Copier
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{10DDCDDD-9A59-4496-9371-C17F1668D433}" = Windows Live Toolbar
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{127AB854-E30D-4E60-A1AB-28415B3E0E82}" = Top50 V5 Viewer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18533287-862B-40B4-86CD-4C5A299D902A}" = WISE-FTP
"{1933FE45-AF8D-482D-9BC7-5F651BBF0A4F}" = Nokia Ovi System Utilities
"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client
"{1FFBEF6F-98F3-4EEA-8103-7A85C1017D20}" = Geogrid®-Viewer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2BAB23B0-70CE-4E7C-85B4-36154482CD57}" = Nokia Ovi Suite
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery Zweckform DesignPro
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{389D45C9-AA08-4034-A256-2A38C311999D}" = Iomega Discovery Tool Pro
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{48227AEB-DC8E-4A90-A274-0B4A39D699B1}" = Client Security Solution
"{4850B023-A9C0-4D15-8DE6-326028CAB499}" = Visual C++ 8.0 x86 Runtime Setup Package
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{57573545-74EB-46D2-B362-AA05364E4ED8}" = LogMeIn
"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6CEC5DEA-44D1-4C56-978E-56BFD84AF10D}" = Nokia Ovi One Touch Access
"{6D3A2A6C-59CD-4A6D-9516-0A34C393ED95}" = Nokia MTP driver
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7726CF62-7B45-4E6D-9266-615346816BCA}" = Rescue and Recovery
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{8215AC14-BFC2-4ECC-96D6-1030202F8BDF}" = Visual C++ 8.0 x86 Runtime Setup Package
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83622A51-877C-4FB8-92BB-2572B3B4F4B8}" = OOBE06_Exp2
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}" = VR-NetWorld
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8E9B3C8E-66BF-4345-97E5-FD16CD9A26AD}" = frankonia_international
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{92596597-71B3-4608-8628-AD48F2664EB9}" = Retrospect 7.5
"{96963F83-7F17-4941-B16C-1E790455E93A}" = McAfee SiteAdvisor Enterprise Plus
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9C7C8898-DC29-4E8B-9E77-55A77C3250F6}" = PC Connectivity Solution
"{9D22599D-E1F4-4934-8B4D-2BBA46662251}" = System Migration Assistant
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B55690B9-756E-41C6-8418-84AB04A5A605}" = Nokia Ovi Music Manager
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BCC57687-98A2-4C4C-B0F8-BC6B6F52D4E3}" = Retrospect Express HD 2.5
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D353C323-5E95-4873-9825-9FEC1C8A3794}" = Nokia Download!
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkCentre
"{DAC63ECB-4571-435F-9B19-51F54BC88109}" = Nokia Home Media Server
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis True Image Home
"{E5BD02EF-36F1-478F-88B2-D3990C62C2CB}" = SQLXML4
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F44F0A3A-2110-4705-B5EC-D5B6371F53C1}" = Visual C++ 8.0 x86 Runtime Setup Package
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FC762E57-B09D-41AE-AA5F-3DAC3CBE453E}" = Nokia Ovi Application Installer
"{FD2DCBAA-63D7-4932-9C39-C261CF51D746}" = Microsoft SQL Server Desktop Engine (DATEV_CL_DE01)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AFPL Ghostscript 8.51" = AFPL Ghostscript 8.51
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AwayTask" = ThinkVantage Away Manager
"Biet-O-Matic v2.8.2" = Biet-O-Matic v2.8.2
"Business Contact Manager für Outlook 2007" = Business Contact Manager für Outlook 2007
"CrossLoop_is1" = CrossLoop 2.10
"DasTelefonbuch GelbeSeiten Map & Route" = DasTelefonbuch GelbeSeiten Map & Route
"DATEVB00000482.0" = DATEV Installation V.2.6
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.5.5 Ghosthunter release
"FreePDF_XP" = FreePDF XP (Remove only)
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Iomega StorCenter" = Iomega StorCenter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"McAfee Managed Firewall" = McAfee Firewall Protection Service
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfeeBrowserProtection" = McAfee Browser Protection Service
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MouseSuite98" = Mouse Suite
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVS" = McAfee Virus and Spyware Protection Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3008
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3008
"Nokia Ovi Music Manager" = Nokia Ovi Music Manager 6.85.3008
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3008
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3008
"Paint Shop Pro 5.03" = Paint Shop Pro 5.03 CD
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Remove Multimedia Center" = Remove Multimedia Center
"ST5UNST #1" = QuickLOAD
"ST5UNST #2" = QuickDESIGN
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"Ulead GIF Animator 4.0" = Ulead GIF Animator 4.0 Trial Version
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = The GIMP 2.2.13
"WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.09.2011 05:44:41 | Computer Name = LENOVO-GEWI1 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 03.09.2011 05:45:32 | Computer Name = LENOVO-GEWI1 | Source = simpleServer | ID = 3299
Description = simpleServer information: Error: Ignoring unknown directive "StartThread"
At
line 6 in C:\Dokumente und Einstellungen\GEWI\Lokale Einstellungen\Anwendungsdaten\sohoclient\cfg/sohoclient.conf
Make
sure the required module is loaded and the relevant handlers have been added. Ensure
the directive is after all LoadModule and AddHandler directives. .
Error - 05.09.2011 08:38:34 | Computer Name = LENOVO-GEWI1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.3156, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 05.09.2011 08:44:50 | Computer Name = LENOVO-GEWI1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.3156, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 05.09.2011 08:48:09 | Computer Name = LENOVO-GEWI1 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
Error - 05.09.2011 08:48:11 | Computer Name = LENOVO-GEWI1 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 05.09.2011 08:48:21 | Computer Name = LENOVO-GEWI1 | Source = simpleServer | ID = 3299
Description = simpleServer information: Error: Ignoring unknown directive "StartThread"
At
line 6 in C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\sohoclient\cfg/sohoclient.conf
Make
sure the required module is loaded and the relevant handlers have been added. Ensure
the directive is after all LoadModule and AddHandler directives. .
Error - 05.09.2011 08:50:51 | Computer Name = LENOVO-GEWI1 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
Error - 05.09.2011 08:50:51 | Computer Name = LENOVO-GEWI1 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 05.09.2011 11:17:59 | Computer Name = LENOVO-GEWI1 | Source = simpleServer | ID = 3299
Description = simpleServer information: Error: Ignoring unknown directive "StartThread"
At
line 6 in C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\sohoclient\cfg/sohoclient.conf
Make
sure the required module is loaded and the relevant handlers have been added. Ensure
the directive is after all LoadModule and AddHandler directives. .
[ System Events ]
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee Validation Trust Protection Service" ist vom Dienst
"McAfee Inc. mfehidk" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee McShield" ist vom Dienst "McAfee Validation Trust
Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee Firewall Core Service" ist vom Dienst "McAfee Validation
Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1068
Error - 03.09.2011 04:36:33 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD Fips intelppm IPSec mfehidk mfetdi2k mfetdik MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
Error - 03.09.2011 04:41:02 | Computer Name = LENOVO-GEWI1 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 03.09.2011 04:42:24 | Computer Name = LENOVO-GEWI1 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1079
< End of report > --- --- ---
File 2OTL Logfile: Code:
OTL logfile created on: 05.09.2011 17:19:57 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = F:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,67% Memory free
3,33 Gb Paging File | 2,66 Gb Available in Paging File | 79,99% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,02 Gb Total Space | 7,80 Gb Free Space | 11,46% Space Free | Partition Type: NTFS
Drive D: | 81,02 Gb Total Space | 13,88 Gb Free Space | 17,14% Space Free | Partition Type: NTFS
Drive F: | 118,04 Mb Total Space | 105,77 Mb Free Space | 89,60% Space Free | Partition Type: FAT32
Computer Name: LENOVO-GEWI1 | User Name: ****| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.09.05 05:20:24 | 000,581,120 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011.07.28 13:16:16 | 000,476,480 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\Managed VirusScan\DesktopUI\XTray.exe
PRC - [2011.07.28 13:11:04 | 000,291,064 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.06 16:32:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn\x86\ramaint.exe
PRC - [2011.07.06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011.05.12 11:48:20 | 000,324,928 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor Enterprise\McSACore.exe
PRC - [2011.01.19 11:18:20 | 000,145,936 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011.01.12 15:10:58 | 000,155,712 | ---- | M] (McAfee, Inc.) -- C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe
PRC - [2011.01.12 15:10:08 | 000,033,648 | ---- | M] (McAfee, Inc.) -- C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfeann.exe
PRC - [2011.01.12 15:09:44 | 000,159,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe
PRC - [2011.01.11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn\x86\LogMeIn.exe
PRC - [2011.01.11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.09.03 15:57:04 | 001,877,328 | ---- | M] (EMC) -- C:\Programme\Iomega StorCenter\sohoclient.exe
PRC - [2008.12.11 16:39:42 | 000,255,256 | ---- | M] (EMC Corporation) -- C:\Programme\Retrospect\Retrospect Express HD 2.5\Retrospect.exe
PRC - [2008.12.11 16:39:40 | 009,499,928 | ---- | M] (EMC Corporation) -- C:\Programme\Retrospect\Retrospect Express HD 2.5\RetroExpress.exe
PRC - [2008.12.11 16:39:40 | 000,120,088 | ---- | M] (EMC Corporation) -- C:\Programme\Retrospect\Retrospect Express HD 2.5\retrorun.exe
PRC - [2008.10.20 11:36:40 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Lenovo\System Update\SUService.exe
PRC - [2008.07.17 13:12:44 | 001,011,712 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
PRC - [2008.06.10 04:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008.03.04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
PRC - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007.08.31 18:43:32 | 000,907,040 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007.08.31 18:38:08 | 000,140,568 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2007.08.31 18:38:04 | 000,427,288 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2007.08.31 18:35:54 | 002,622,232 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.23 22:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006.05.18 17:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2006.05.12 20:41:56 | 000,022,016 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe
PRC - [2006.05.12 19:08:34 | 000,045,056 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2006.04.18 19:05:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2006.04.18 19:05:00 | 000,069,632 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\AwayTask\AwaySch.EXE
PRC - [2006.03.13 17:38:56 | 000,041,472 | R--- | M] (Utimaco Safeware AG) -- C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe
PRC - [2006.02.02 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005.06.23 20:33:00 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2005.05.27 11:24:52 | 000,146,944 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2005.04.13 15:34:28 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2004.07.27 17:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
PRC - [2003.11.06 16:51:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\FSRremoS.EXE
========== Modules (No Company Name) ==========
MOD - [2010.06.11 18:11:24 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
MOD - [2010.06.11 18:11:03 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2010.06.10 20:49:00 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2010.06.10 20:48:53 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2010.06.10 20:48:36 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2010.06.10 20:46:54 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2009.10.16 10:58:07 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2009.09.03 15:57:05 | 006,463,488 | ---- | M] () -- C:\Programme\Iomega StorCenter\wxmsw28u_vc_custom.dll
MOD - [2009.07.09 12:10:00 | 004,988,928 | R--- | M] () -- C:\Programme\Retrospect\Retrospect Express HD 2.5\de\RetroExpress.resources.dll
MOD - [2008.07.17 13:12:44 | 001,900,544 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\MItemPlugins.dll
MOD - [2008.07.17 13:12:44 | 001,011,712 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
MOD - [2008.02.12 15:37:37 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.02.12 15:37:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [2007.08.31 17:13:50 | 001,336,600 | ---- | M] () -- C:\Programme\Acronis\TrueImageHome\fox.dll
MOD - [2006.05.12 20:41:56 | 000,022,016 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe
MOD - [2006.05.12 20:41:26 | 000,139,264 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2006.05.12 19:08:34 | 000,045,056 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
MOD - [2006.03.22 18:10:00 | 000,057,344 | ---- | M] () -- C:\Programme\ThinkVantage\PrdCtr\GR\LPRESMGR.DLL
MOD - [2005.10.20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2003.11.06 16:51:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\FSRremoS.EXE
MOD - [2003.02.25 20:19:56 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (PsaSrv)
SRV - [2011.07.28 13:11:04 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (RumorServer)
SRV - [2011.07.28 13:11:04 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.06 16:32:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011.07.06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.05.12 11:48:20 | 000,324,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)
SRV - [2011.01.19 11:18:20 | 000,145,936 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011.01.12 15:10:58 | 000,155,712 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011.01.12 15:09:44 | 000,159,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2011.01.11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008.12.11 16:39:40 | 000,120,088 | ---- | M] (EMC Corporation) [Auto | Running] -- C:\Programme\Retrospect\Retrospect Express HD 2.5\retrorun.exe -- (RetroExpLauncher)
SRV - [2008.10.20 11:36:40 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.07.09 16:03:48 | 000,102,400 | ---- | M] (PacketVideo) [Auto | Stopped] -- C:\Programme\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2008.05.30 13:32:16 | 000,572,416 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007.08.31 18:38:04 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.05.23 22:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2006.05.12 19:08:34 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2006.04.18 19:05:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.06 16:32:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011.01.19 11:18:20 | 000,436,728 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011.01.19 11:18:20 | 000,331,016 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011.01.19 11:18:20 | 000,171,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2011.01.19 11:18:20 | 000,116,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011.01.19 11:18:20 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011.01.19 11:18:20 | 000,085,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011.01.19 11:18:20 | 000,082,888 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011.01.19 11:18:20 | 000,082,888 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011.01.19 11:18:20 | 000,058,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2011.01.11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011.01.11 19:04:04 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Programme\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2009.12.15 15:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009.12.15 15:29:42 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2008.06.06 10:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.07 08:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.13 14:32:56 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008.04.13 14:32:56 | 000,044,416 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008.04.13 14:32:54 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008.04.13 14:32:48 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.02.19 07:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2006.08.28 10:10:06 | 000,158,208 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.04.18 19:05:00 | 000,005,120 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006.03.17 11:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006.03.13 17:05:54 | 000,058,368 | R--- | M] (Utimaco Safeware AG) [Kernel | Auto | Running] -- C:\Programme\Lenovo\SafeGuard PrivateDisk\privatediskm.sys -- (PrivateDisk)
DRV - [2006.02.02 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006.02.02 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006.02.02 06:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006.02.02 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006.02.02 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006.02.02 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006.02.02 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005.11.18 13:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005.11.18 13:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005.01.07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003.02.11 14:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2003.01.10 14:55:32 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001.08.18 05:33:12 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gewi-schiesssport.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Programme\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Programme\McAfee\SiteAdvisor Enterprise\ [2011.08.24 09:19:35 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\ScriptSn.20110216175659.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Programme\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Programme\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AUTOSTARTEXECUTE] File not found
O4 - HKLM..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Programme\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfee Managed Services Tray] File not found
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [MVS Splash] C:\Programme\McAfee\Managed VirusScan\DesktopUI\XTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe ()
O4 - HKLM..\Run: [PDService.exe] C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [RetroExpress] C:\Programme\Retrospect\Retrospect Express HD 2.5\RetroExpress.exe (EMC Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Iomega StorCenter.lnk = C:\Programme\Iomega StorCenter\sohoclient.exe (EMC)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Nokia Ovi Suite.lnk = C:\Programme\Nokia\Ovi\Suite\RunLauncher.exe (Nokia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VR-NetWorld Auftragsprüfung.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4B7129B-034A-4FE5-ACA9-630481015E7F}: NameServer = 192.168.0.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Programme\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Programme\McAfee\Managed VirusScan\Agent\MyRmProt5.0.0.811.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Programme\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AwayNotify: DllName - C:\Programme\Lenovo\AwayTask\AwayNotify.dll - C:\Programme\Lenovo\AwayTask\AwayNotify.dll (Lenovo Group Limited)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.27 04:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0ed1ff72-04ca-11dd-a28f-001a4ddf12ec}\Shell - "" = AutoRun
O33 - MountPoints2\{0ed1ff72-04ca-11dd-a28f-001a4ddf12ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0ed1ff72-04ca-11dd-a28f-001a4ddf12ec}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.09.05 14:58:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\G. Winter\Anwendungsdaten\Malwarebytes
[2011.09.05 14:58:31 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.09.05 14:58:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.09.05 14:58:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.09.05 14:58:26 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.09.05 14:58:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.09.03 11:55:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\G. Winter\Lokale Einstellungen\Anwendungsdaten\LogMeIn
[2011.09.03 11:54:51 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011.09.03 11:54:51 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011.09.03 11:54:50 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011.09.03 11:54:50 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011.09.03 11:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LogMeIn
[2011.09.03 11:54:27 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn
[2011.09.03 11:53:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\G. Winter\Lokale Einstellungen\Anwendungsdaten\Deployment
[2011.09.03 11:51:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\G. Winter\IECompatCache
[2011.09.03 11:49:07 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\G. Winter\PrivacIE
[2011.09.02 18:57:57 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\G. Winter\Eigene Dateien\Outlook
[2011.09.02 02:58:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.09.01 16:48:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011.09.01 16:47:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011.08.31 17:00:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.08.31 15:31:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\G. Winter\IETldCache
[2008.07.08 15:30:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\G. Winter\Anwendungsdaten\pcouffin.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.05 17:16:48 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.05 17:16:48 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.05 17:13:28 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.09.05 17:13:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.05 16:40:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2011.09.05 16:32:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.05 15:02:23 | 000,539,242 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.09.05 15:02:23 | 000,506,282 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.09.05 15:02:23 | 000,118,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.09.05 15:02:23 | 000,096,886 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.09.05 14:49:05 | 000,000,390 | ---- | M] () -- C:\Dokumente und Einstellungen\G. Winter\Desktop\Verknüpfung mit Desktop verknüpfungen.lnk
[2011.09.03 11:54:47 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.09.03 11:51:12 | 008,175,616 | ---- | M] () -- D:\Dokumente und Einstellungen\G. Winter\Eigene Dateien\outlook.pst
[2011.09.03 11:38:39 | 000,000,048 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.05 14:49:05 | 000,000,390 | ---- | C] () -- C:\Dokumente und Einstellungen\G. Winter\Desktop\Verknüpfung mit Desktop verknüpfungen.lnk
[2011.09.03 11:54:46 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011.09.03 11:49:41 | 008,175,616 | ---- | C] () -- D:\Dokumente und Einstellungen\G. Winter\Eigene Dateien\outlook.pst
[2011.03.28 00:58:27 | 000,178,088 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2008.11.02 19:11:43 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2008.09.10 21:21:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.08.28 09:14:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008.07.22 19:56:17 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.07.11 09:09:52 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2008.07.11 09:09:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2008.07.08 15:30:34 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\G. Winter\Anwendungsdaten\inst.exe
[2008.07.08 15:30:34 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\G. Winter\Anwendungsdaten\pcouffin.cat
[2008.07.08 15:30:34 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\G. Winter\Anwendungsdaten\pcouffin.inf
[2008.05.29 10:19:13 | 000,000,769 | ---- | C] () -- C:\WINDOWS\I_VIEW32.INI
[2008.04.20 14:51:29 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\skypdfmonpro.dll
[2008.04.20 14:51:29 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\skypdfmonuipro.dll
[2008.04.13 16:01:35 | 000,000,021 | ---- | C] () -- C:\WINDOWS\KurusDeinstall.INI
[2008.04.13 15:24:02 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DvInesKurusOleServer002.INI
[2008.04.13 15:16:43 | 000,000,102 | ---- | C] () -- C:\WINDOWS\dvinesinstalllocation001.INI
[2008.04.13 15:16:35 | 000,000,102 | ---- | C] () -- C:\WINDOWS\dvinesinstart001.INI
[2008.04.13 15:16:13 | 000,000,507 | ---- | C] () -- C:\WINDOWS\System32\LENOVO-GEWI1.jrf.init
[2008.04.13 15:11:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Startup.INI
[2008.03.09 23:50:46 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MANUALS.INI
[2008.03.09 22:11:16 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[2008.03.09 21:19:13 | 000,131,517 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2008.03.09 21:19:13 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2008.03.09 21:11:59 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008.03.09 21:05:58 | 000,130,939 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2008.03.08 22:05:24 | 000,000,312 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008.03.08 22:05:23 | 000,001,037 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2008.03.08 22:05:03 | 000,196,608 | R--- | C] () -- C:\WINDOWS\System32\hpbvnstp.dll
[2008.03.08 22:05:03 | 000,000,254 | R--- | C] () -- C:\WINDOWS\System32\hpbvnstp.dat
[2008.03.08 21:35:55 | 000,001,523 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.03.07 18:08:35 | 000,000,142 | ---- | C] () -- C:\Dokumente und Einstellungen\G. Winter\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.02.12 23:32:19 | 000,447,120 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008.02.12 23:32:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2008.02.12 16:10:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.02.12 15:55:30 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\psasrv.exe
[2008.02.12 15:51:09 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\profile.dat
[2008.02.12 15:48:58 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2008.02.12 15:48:30 | 000,000,156 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.02.12 15:46:56 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.02.12 15:46:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.02.12 15:46:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.02.12 15:46:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.02.12 15:46:56 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.02.12 15:46:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.02.12 15:42:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2008.02.12 15:42:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\FSRremoS.EXE
[2008.02.12 15:42:01 | 000,005,528 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2008.02.12 15:42:01 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2008.02.12 15:37:40 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2006.06.14 18:26:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.05.23 14:37:23 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2006.05.23 14:37:19 | 000,000,487 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2006.05.06 02:21:26 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006.03.31 11:36:50 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006.01.27 19:18:01 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.01.27 19:05:14 | 000,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.01.27 04:25:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.01.27 04:15:11 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.01.27 03:01:44 | 000,539,242 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.01.27 03:01:44 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.01.27 03:01:44 | 000,118,810 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.01.27 03:01:44 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.01.27 03:01:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.01.27 03:01:21 | 000,506,282 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.01.27 03:01:21 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.01.27 03:01:21 | 000,096,886 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.01.27 03:01:21 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.01.27 03:01:19 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.01.27 03:01:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.01.27 03:01:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.01.27 03:01:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.01.27 03:01:08 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.01.27 03:01:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.01.26 19:09:45 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.01.26 19:08:46 | 000,304,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.07.08 02:06:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2003.02.25 20:19:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000.03.30 07:55:36 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp403.dll
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
< End of report > --- --- --- |