EDIT:
Hier deine 2. Anforderung: Code:
OTL logfile created on: 23.05.2012 13:06:30 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\pmkurierdienst\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,93 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 61,63% Memory free
6,08 Gb Paging File | 4,90 Gb Available in Paging File | 80,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 121,73 Gb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive F: | 37,24 Gb Total Space | 19,69 Gb Free Space | 52,87% Space Free | Partition Type: FAT32
Computer Name: PMUNTERNEHMEN | User Name: pmkurierdienst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.05.23 12:32:28 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\pmkurierdienst\Desktop\OTL.exe
PRC - [2012.05.22 23:13:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.22 23:12:53 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.22 23:12:51 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.22 23:12:51 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.22 18:05:21 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\PMKURI~1\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) -- C:\Programme\ShadowExplorer\sesvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.01.21 04:24:36 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2012.05.22 23:13:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.22 23:12:51 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.26 08:50:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Auto | Running] -- C:\Programme\ShadowExplorer\sesvc.exe -- (sesvc)
SRV - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.05.22 23:13:05 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.22 23:13:05 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.17 10:41:52 | 000,115,712 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cxbu0wdm.sys -- (cxbu0wdm)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.06.23 09:53:18 | 001,181,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.02.23 04:18:06 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.09.22 15:49:36 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.09.04 06:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2008.03.01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_5738
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_5738
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\SearchScopes\{3533B82A-2791-48C7-8EDE-2B60B29D6E42}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=40942976-CC80-45BB-80CD-321C20CC6733&apn_sauid=88619F72-1300-4237-8DA3-D1ED4B00BA8B
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.04.19 22:08:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 08:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.23 18:32:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.04.19 22:08:15 | 000,000,000 | ---D | M]
[2009.09.06 12:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pmkurierdienst\AppData\Roaming\mozilla\Extensions
[2012.05.20 20:11:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pmkurierdienst\AppData\Roaming\mozilla\Firefox\Profiles\agv5b8fz.default\extensions
[2012.01.08 16:23:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.26 08:50:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.13 11:10:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 11:10:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.13 11:10:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 11:10:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.13 11:10:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 11:10:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.05.22 19:30:39 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O7 - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98787560-FC09-48DB-9C59-0271ED674386}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C50B5E64-FEB9-43A5-8D7F-A5168348F856}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.03.31 21:01:14 | 000,000,000 | ---D | M] - F:\Autos 2010 - Kopie -- [ FAT32 ]
O32 - AutoRun File - [2006.12.31 14:41:26 | 000,000,000 | ---D | M] - F:\Autos -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,338,401 | ---- | M] () - F:\Autos 001.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,816,096 | ---- | M] () - F:\Autos 002.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,529,091 | ---- | M] () - F:\Autos 003.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,265,245 | ---- | M] () - F:\Autos 004.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,153,861 | ---- | M] () - F:\Autos 005.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,872,301 | ---- | M] () - F:\Autos 006.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,426,093 | ---- | M] () - F:\Autos 007.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,528,343 | ---- | M] () - F:\Autos 008.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 003,765,474 | ---- | M] () - F:\Autos 009.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,393,754 | ---- | M] () - F:\Autos 010.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,102,407 | ---- | M] () - F:\Autos 015.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,236,070 | ---- | M] () - F:\Autos 019.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,110,779 | ---- | M] () - F:\Autos 027.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,812,011 | ---- | M] () - F:\Autos 028.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,041,549 | ---- | M] () - F:\Autos 029.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,293,491 | ---- | M] () - F:\Autos 030.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 004,784,916 | ---- | M] () - F:\Autos 031.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,580,293 | ---- | M] () - F:\Autos 032.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,257,244 | ---- | M] () - F:\Autos 033.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,554,716 | ---- | M] () - F:\Autos 034.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 005,536,782 | ---- | M] () - F:\Autos 035.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 003,912,909 | ---- | M] () - F:\Autos 036.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:48 | 003,991,196 | ---- | M] () - F:\Autos 037.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,974,732 | ---- | M] () - F:\Autos 038.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,459,807 | ---- | M] () - F:\Autos 039.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,467,279 | ---- | M] () - F:\Autos 040.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,595,802 | ---- | M] () - F:\Autos 041.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,959,535 | ---- | M] () - F:\Autos 042.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,197,122 | ---- | M] () - F:\Autos 043.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,312,908 | ---- | M] () - F:\Autos 044.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,655,612 | ---- | M] () - F:\Autos 045.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,943,304 | ---- | M] () - F:\Autos 046.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,978,881 | ---- | M] () - F:\Autos 047.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,158,723 | ---- | M] () - F:\Autos 048.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,306,676 | ---- | M] () - F:\Autos 049.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,633,373 | ---- | M] () - F:\Autos 050.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,598,885 | ---- | M] () - F:\Autos 051.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,065,205 | ---- | M] () - F:\Autos 052.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 006,032,962 | ---- | M] () - F:\Autos 053.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,376,078 | ---- | M] () - F:\Autos 054.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 003,601,549 | ---- | M] () - F:\Autos 055.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 005,844,928 | ---- | M] () - F:\Autos 056.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 006,158,680 | ---- | M] () - F:\Autos 057.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:50 | 004,074,457 | ---- | M] () - F:\Autos 058.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,321,030 | ---- | M] () - F:\Autos 059.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,502,032 | ---- | M] () - F:\Autos 060.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,104,518 | ---- | M] () - F:\Autos 061.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,526,218 | ---- | M] () - F:\Autos 062.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,201,013 | ---- | M] () - F:\Autos 063.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,386,035 | ---- | M] () - F:\Autos 064.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,518,926 | ---- | M] () - F:\Autos 065.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,060,839 | ---- | M] () - F:\Autos 066.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,210,577 | ---- | M] () - F:\Autos 067.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,842,028 | ---- | M] () - F:\Autos 068.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,683,485 | ---- | M] () - F:\Autos 069.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,312,641 | ---- | M] () - F:\Autos 070.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,806,967 | ---- | M] () - F:\Autos 071.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,292,781 | ---- | M] () - F:\Autos 072.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,022,935 | ---- | M] () - F:\Autos 073.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,479,740 | ---- | M] () - F:\Autos 074.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,049,654 | ---- | M] () - F:\Autos 082.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,061,500 | ---- | M] () - F:\Autos 084.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,619,585 | ---- | M] () - F:\Autos 085.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,221,920 | ---- | M] () - F:\Autos 086.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 005,404,357 | ---- | M] () - F:\Autos 087.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,034,512 | ---- | M] () - F:\Autos 088.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,250,627 | ---- | M] () - F:\Autos 089.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 004,380,564 | ---- | M] () - F:\Autos 090.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 001,663,311 | ---- | M] () - F:\Autos 091.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:52 | 006,456,267 | ---- | M] () - F:\Autos 093.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 005,332,705 | ---- | M] () - F:\Autos 094.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 005,440,099 | ---- | M] () - F:\Autos 095.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,391,526 | ---- | M] () - F:\Autos 096.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 005,646,437 | ---- | M] () - F:\Autos 097.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 005,601,406 | ---- | M] () - F:\Autos 098.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,585,547 | ---- | M] () - F:\Autos 100.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,337,785 | ---- | M] () - F:\Autos 102.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,876,233 | ---- | M] () - F:\Autos 103.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,589,212 | ---- | M] () - F:\Autos 104.jpg -- [ FAT32 ]
O32 - AutoRun File - [2012.05.20 20:01:54 | 004,262,856 | ---- | M] () - F:\Autos 121.jpg -- [ FAT32 ]
O33 - MountPoints2\{51bd73ce-207a-11e0-883a-001f16b23fc3}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O33 - MountPoints2\{761aa595-6e0d-11df-bbd6-001f16b23fc3}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\{c16b11c1-ee2b-11df-be1e-001f16b23fc3}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Users^pmkurierdienst^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.6454398216686165.exe.lnk - - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Programme\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: D658DB78 - hkey= - key= - File not found
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: GloboFleet - hkey= - key= - C:\Program Files\Buyond_GmbH\GloboFleet_CC_Plus\GloboFleet_CC_Plus.exe (Buyond GmbH)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.05.23 12:32:35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\pmkurierdienst\Desktop\OTL.exe
[2012.05.23 12:24:01 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\AppData\Roaming\Malwarebytes
[2012.05.23 00:53:42 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\Desktop\Programm Files Sicherung
[2012.05.23 00:48:22 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\Desktop\OutlookSicherung
[2012.05.23 00:39:18 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\Desktop\Desktop Sicherung
[2012.05.23 00:30:21 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\AppData\Roaming\www.shadowexplorer.com
[2012.05.23 00:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
[2012.05.23 00:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\ShadowExplorer
[2012.05.21 19:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.05.21 19:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.05.21 17:48:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.21 17:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.05.21 17:14:01 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\AppData\Local\Temp
[2012.05.21 15:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.21 15:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.21 15:08:59 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.21 15:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.20 19:43:39 | 000,000,000 | ---D | C] -- C:\Users\pmkurierdienst\AppData\Roaming\Franncflmy
[2012.04.26 08:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.26 08:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
========== Files - Modified Within 30 Days ==========
[2012.05.23 12:32:28 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\pmkurierdienst\Desktop\OTL.exe
[2012.05.23 12:31:10 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.23 12:31:10 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.23 12:31:10 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.23 12:31:10 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.23 12:11:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.23 12:11:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.23 12:11:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.23 12:11:08 | 3146,604,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.23 01:27:02 | 000,000,117 | ---- | M] () -- C:\Windows\System32\decoder_del.bat
[2012.05.23 00:30:09 | 000,001,686 | ---- | M] () -- C:\Users\pmkurierdienst\Desktop\ShadowExplorer.lnk
[2012.05.22 23:47:33 | 000,006,656 | ---- | M] () -- C:\Users\pmkurierdienst\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.22 23:13:05 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.22 23:13:05 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.22 19:30:39 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.05.21 14:49:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.05.21 14:49:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.05.21 07:13:25 | 000,340,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.11 21:50:50 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh323
[2012.05.11 21:50:40 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh322
[2012.05.11 21:50:32 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh321
[2012.05.11 21:50:22 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh320
[2012.05.02 15:47:28 | 000,019,458 | ---- | M] () -- C:\DecryptHelper-0.5.3.jar
[2012.04.28 13:25:15 | 000,014,970 | ---- | M] () -- C:\Users\pmkurierdienst\Desktop\JOtpjoGeqOQflEygUplrG
[2012.04.26 18:38:10 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh325
[2012.04.26 18:37:48 | 000,481,078 | ---- | M] () -- C:\Windows\System32\winsh324
[2012.04.26 08:05:17 | 000,067,072 | ---- | M] () -- C:\Users\pmkurierdienst\Desktop\nuNsqvVGsyOXDoNsf
========== Files Created - No Company Name ==========
[2012.05.23 01:26:56 | 000,000,117 | ---- | C] () -- C:\Windows\System32\decoder_del.bat
[2012.05.23 00:30:09 | 000,001,686 | ---- | C] () -- C:\Users\pmkurierdienst\Desktop\ShadowExplorer.lnk
[2012.05.22 23:55:26 | 3146,604,544 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.21 14:49:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.05.21 14:49:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.05.20 19:44:34 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh325
[2012.05.20 19:44:34 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh324
[2012.05.20 19:44:34 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh323
[2012.05.20 19:44:34 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh322
[2012.05.20 19:44:33 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh321
[2012.05.20 19:44:33 | 000,481,078 | ---- | C] () -- C:\Windows\System32\winsh320
[2012.05.02 15:47:28 | 000,019,458 | ---- | C] () -- C:\DecryptHelper-0.5.3.jar
[2012.02.27 15:49:17 | 000,000,215 | ---- | C] () -- C:\Windows\HBCIKRNL.ini
[2012.02.27 15:49:05 | 000,000,281 | ---- | C] () -- C:\Windows\{BABE1E59-F3A3-4B2B-80B1-41928543A042}_WiseFW.ini
[2012.02.27 15:47:19 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.07.08 08:18:25 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
========== LOP Check ==========
[2009.09.06 09:20:01 | 000,000,000 | -HSD | M] -- C:\Users\pmkurierdienst\AppData\Roaming\.#
[2012.05.20 20:11:10 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Acer GameZone Console
[2012.02.26 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Canon
[2011.06.14 18:19:05 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\elsterformular
[2009.09.06 09:14:22 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\eSobi
[2012.05.22 16:10:44 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Franncflmy
[2012.05.20 20:11:14 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Image Zone Express
[2010.05.07 21:43:04 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Printer Info Cache
[2009.09.06 09:17:05 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Template
[2012.05.23 00:30:21 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\www.shadowexplorer.com
[2012.05.23 01:36:53 | 000,032,512 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.09.06 09:20:01 | 000,000,000 | -HSD | M] -- C:\Users\pmkurierdienst\AppData\Roaming\.#
[2012.05.20 20:11:10 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Acer GameZone Console
[2009.09.06 12:09:44 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Adobe
[2012.04.01 15:49:16 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Apple Computer
[2012.03.27 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Avira
[2012.02.26 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Canon
[2011.06.14 18:19:05 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\elsterformular
[2009.09.06 09:14:22 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\eSobi
[2012.05.22 16:10:44 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Franncflmy
[2009.09.06 09:02:04 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Google
[2010.04.19 22:09:40 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\HP
[2009.09.06 09:02:09 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Identities
[2012.05.20 20:11:14 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Image Zone Express
[2009.09.06 09:03:10 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Macromedia
[2012.05.23 12:24:01 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Media Center Programs
[2012.05.23 00:22:47 | 000,000,000 | --SD | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Microsoft
[2009.09.06 12:12:58 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Mozilla
[2010.05.07 21:43:04 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Printer Info Cache
[2009.09.06 09:17:05 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\Template
[2012.05.23 00:30:21 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\www.shadowexplorer.com
[2012.02.26 10:58:11 | 000,000,000 | ---D | M] -- C:\Users\pmkurierdienst\AppData\Roaming\ZoomBrowser EX
< %APPDATA%\*.exe /s >
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2009.02.12 18:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Acer\Preload\Autorun\DRV\AHCI\X64\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Acer\Preload\Autorun\DRV\AHCI\X86\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_c491546e\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< >
< End of report >
Code:
OTL Extras logfile created on: 23.05.2012 13:06:30 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\pmkurierdienst\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,93 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 61,63% Memory free
6,08 Gb Paging File | 4,90 Gb Available in Paging File | 80,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 121,73 Gb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive F: | 37,24 Gb Total Space | 19,69 Gb Free Space | 52,87% Space Free | Partition Type: FAT32
Computer Name: PMUNTERNEHMEN | User Name: pmkurierdienst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3486583838-2670660624-3414567642-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F638FA2-8680-4F22-8C5A-28A155F04CA9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1022633B-A7EC-4E05-B1F1-39655B0591CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{124789A3-1134-409D-93A8-8AB979B52067}" = rport=445 | protocol=6 | dir=out | app=system |
"{20EAC8B9-786A-4255-87D6-CB12AC731622}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{223F99ED-81E5-4CFB-9133-BA837A2626FA}" = lport=445 | protocol=6 | dir=in | app=system |
"{34D75B43-0928-40CD-B65C-43F87E76E1FD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{48F96FB1-E6F6-4784-8CB9-5C0BBD77C0A7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4C6D076C-D735-4493-878E-20CC771C76D2}" = lport=138 | protocol=17 | dir=in | app=system |
"{5D06E7F5-C454-4209-9A49-0AA60B2636B3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{614CB27F-DEA7-4EE2-8469-C7A768D745E9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9DD69EEC-7589-470F-A7E3-8AC836DE904D}" = lport=139 | protocol=6 | dir=in | app=system |
"{AB7BD5A8-6592-45CC-8218-317C91029FC4}" = lport=137 | protocol=17 | dir=in | app=system |
"{AE4C8F30-3CAA-46C1-A99A-6A339B654AF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B375604E-06A2-454D-BA6D-165167C1A0BD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3F27BEB-C2DC-4775-968F-798503960BE7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C6681832-4FF3-4236-B212-277C1C2DF333}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6BF5B16-3006-4F6D-9CA3-8943AB93EDC8}" = rport=138 | protocol=17 | dir=out | app=system |
"{DC6526BD-E4E3-4DAF-9743-C434CE9DFF58}" = rport=137 | protocol=17 | dir=out | app=system |
"{FCC15690-5023-445F-A5F8-09BF8810E888}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{FF0D2E58-2B15-4BB2-8AFF-7F004BFFABEC}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{062D7BFB-E42B-4E8A-9C02-944C625941BA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1B8EEF89-A395-4F2C-AF44-C097CC7B770E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{3FDECAC4-A40E-40A9-A2A8-5432BB4B6EEC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{45C6AFFA-B6A5-4D2B-AF36-581C4CD8602C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{50E7BFF4-4B87-419D-A63F-3942E13C63C5}" = protocol=17 | dir=in | app=c:\program files\cherry\smartdevice\ctcymconfig.exe |
"{5D32539D-8DC8-479F-B76F-3CCE3274B50A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{62CEE012-5A58-48E9-8223-808F85CEAB73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{7138B98C-7B51-4E6E-B19A-D9E29AF4F311}" = dir=in | app=d:\setup\hpznui01.exe |
"{79A95A19-950B-4832-81BB-5D816500EDF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{95B4F0D1-E281-42AD-A3E0-AF5B9E04A0A6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9745BC55-A783-4112-9951-472B150DE27A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{9DDDB5E2-E62E-4D60-9C30-397F637D184F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9F185C2D-8224-494A-A302-3F85E56619A4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{AD77C3A4-7BBB-4103-9495-A0B5DDE21AEA}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B11454CB-A462-44BC-9D0E-1CBFE158940B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C98AAC51-771A-4645-9E7B-2EA7B69CE821}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{DFB9AFB5-9B6E-4F34-A13B-E7483DD94759}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F69536D6-328E-465E-9AFD-A59716D69B15}" = protocol=6 | dir=in | app=c:\program files\cherry\smartdevice\ctcymconfig.exe |
"{FA0E207D-FF6E-46EE-A07B-0F569E4872B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{155CCA6C-F0D9-4406-B005-BD535C1B1378}" = Lis i Niedźwiedź
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 30
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{464BE34B-44A8-4C44-AA14-C3482B2CFB2A}" = GloboFleet CC Plus
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{BABE1E59-F3A3-4B2B-80B1-41928543A042}" = Cherry SmartCard Package V3.0 Build 8
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"DPP" = Canon Utilities Digital Photo Professional 3.10
"ElsterFormular 12.2.1.6570k" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"ShadowExplorer_is1" = ShadowExplorer 0.8
"Shop for HP Supplies" = Shop for HP Supplies
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3486583838-2670660624-3414567642-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.05.2012 21:38:59 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16660470
Error - 09.05.2012 21:38:59 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16660470
Error - 09.05.2012 21:39:15 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.05.2012 21:39:15 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16676070
Error - 09.05.2012 21:39:15 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16676070
Error - 09.05.2012 21:39:30 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.05.2012 21:39:30 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16691670
Error - 09.05.2012 21:39:30 | Computer Name = pmunternehmen | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16691670
Error - 09.05.2012 21:42:55 | Computer Name = pmunternehmen | Source = WinMgmt | ID = 10
Description =
Error - 09.05.2012 22:18:56 | Computer Name = pmunternehmen | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 07.09.2009 08:30:21 | Computer Name = pmunternehmen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Prozess: DefaultDomain Objektname: Media Center Guide
Error - 26.02.2012 05:05:03 | Computer Name = pmunternehmen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 01.04.2012 09:11:54 | Computer Name = pmunternehmen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
[ OSession Events ]
Error - 25.12.2010 17:36:12 | Computer Name = pmunternehmen | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 103 seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22.05.2012 17:53:50 | Computer Name = pmunternehmen | Source = DCOM | ID = 10005
Description =
Error - 22.05.2012 17:53:55 | Computer Name = pmunternehmen | Source = DCOM | ID = 10005
Description =
Error - 22.05.2012 17:54:09 | Computer Name = pmunternehmen | Source = Service Control Manager | ID = 7001
Description =
Error - 22.05.2012 17:54:09 | Computer Name = pmunternehmen | Source = Service Control Manager | ID = 7026
Description =
Error - 22.05.2012 17:55:40 | Computer Name = pmunternehmen | Source = SCardSvr | ID = 602
Description =
Error - 22.05.2012 17:55:40 | Computer Name = pmunternehmen | Source = SCardSvr | ID = 602
Description =
Error - 22.05.2012 17:57:09 | Computer Name = pmunternehmen | Source = Service Control Manager | ID = 7000
Description =
Error - 23.05.2012 06:11:28 | Computer Name = pmunternehmen | Source = SCardSvr | ID = 602
Description =
Error - 23.05.2012 06:11:28 | Computer Name = pmunternehmen | Source = SCardSvr | ID = 602
Description =
Error - 23.05.2012 06:12:13 | Computer Name = pmunternehmen | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
aswMBR.exe und speichere die Datei auf deinem Desktop.