paulibins | 06.02.2013 19:30 | Hallo Markus
danke für die Antwort. Leider kann ich den "Killer" nicht einsetzen, da das System jja nicht normal startet. Hier nochmal zu Erinnerung mein Problem:
Der Systemstart geht zunächst ganz normal bis die Meldung kommt Windows könne auf Grund von Änderungen....nicht gestartet werden mit der Auswahl der verschiedenen Startmodi. Gehe ich dann zB. auf den abgesicherten Modus, dann werden unten am Bildrand die Dateinamen in schneller Folge angezeigt (wie beim normalen Start) bis es plötzlich stoppt. Dann kommt ebenfalls unten die Meldung. Press ENTER to continue loading SPTD.sys. Danach wird, egal ob ich drücke der Schirm dunkel, und der Rechner startet neu.
Meine Aussage, das der Eset Scan nichts gefung´den hat, bezog sich leider nur auf die beiden Partitionen mit den mir wichtigen Datein. Ich habe nun auch die Systempartition rüberkopiert und wollte das Ganze auf meinem uralten, völlig leeren "Notrechner " mit ESET nochmal scannen. Das ging leider in die Hose. ESET läuft nicht, der Rechner ist sehr langsam, weil ihn irgendwelche Prozesse blockieren und wenn ich dann Strg Alt Entf drücke, kommt irgendwann : der Rechner wird gesperrt. Bevor ich die USB Platte ansteckte, lief er völlig normal.Ergo ist was faul. Bloß ist es mir auf dem Teil egal (läuft unter WIN 7) weil wie gesagt keinerlei Daten darauf sind und er eigentlich schon auf den Wertstoffhof sollte.
und hier nochmal die OTL Logfiles Code:
OTL logfile created on: 2/6/2013 4:12:15 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive D: | 135.01 Gb Total Space | 113.71 Gb Free Space | 84.23% Space Free | Partition Type: NTFS
Drive F: | 410.15 Gb Total Space | 311.89 Gb Free Space | 76.04% Space Free | Partition Type: NTFS
Drive G: | 404.17 Gb Total Space | 273.50 Gb Free Space | 67.67% Space Free | Partition Type: NTFS
Drive H: | 99.96 Gb Total Space | 81.87 Gb Free Space | 81.90% Space Free | Partition Type: NTFS
Drive I: | 100.73 Gb Total Space | 35.54 Gb Free Space | 35.28% Space Free | Partition Type: NTFS
Drive J: | 130.07 Gb Total Space | 26.45 Gb Free Space | 20.34% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet005
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled] -- -- (FirebirdServerMAGIXInstance)
SRV - [2008/04/15 10:15:24 | 000,147,201 | ---- | M] (Avira GmbH) [Disabled] -- D:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/04/15 10:15:24 | 000,068,865 | ---- | M] (Avira GmbH) [Disabled] -- D:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2007/08/23 07:52:50 | 000,410,904 | ---- | M] (Acronis) [Disabled] -- D:\Programme\Gemeinsame Dateien\Maxtor\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/03/08 17:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) [Auto] -- D:\WINDOWS\System32\ZONELABS\vsmon.exe -- (vsmon)
SRV - [2006/09/20 12:44:10 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand] -- D:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/02/28 19:10:20 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Disabled] -- D:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
SRV - [2004/10/21 19:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled] -- D:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/05/17 07:57:00 | 000,184,320 | ---- | M] (O&O Software GmbH) [Auto] -- D:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2003/07/28 05:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/08/08 19:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled] -- D:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WINFOXIO)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (TSMPacket)
DRV - File not found [Kernel | On_Demand] -- -- (SANDRA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (MEMSWEEP2)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (CrystalSysInfo)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2008/11/20 12:49:04 | 000,400,864 | ---- | M] (Acronis) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2008/11/20 12:49:04 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto] -- D:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/11/20 12:48:54 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2008/04/15 10:15:24 | 000,079,424 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008/04/15 10:15:24 | 000,049,472 | ---- | M] (Avira GmbH) [File_System | On_Demand] -- D:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2008/04/15 10:15:24 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/10/28 10:35:14 | 000,583,128 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/10/26 08:53:46 | 000,250,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/08/31 15:07:50 | 000,407,328 | ---- | M] (Sensaura) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\dmxsens.sys -- (dmxsens)
DRV - [2007/08/31 15:07:40 | 000,099,680 | ---- | M] (Terratec Electronic GmbH) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\dmx6fire.sys -- (dmxfire)
DRV - [2007/08/21 21:07:40 | 002,417,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/06/14 06:41:00 | 000,466,048 | R--- | M] (LITEON) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV - [2007/06/13 11:30:20 | 000,013,440 | R--- | M] (LITEON) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc)
DRV - [2007/04/22 02:06:36 | 000,011,840 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2007/03/08 17:02:10 | 000,394,192 | ---- | M] (Zone Labs, LLC) [Kernel | System] -- D:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/03/01 04:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/01/17 22:39:20 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot] -- D:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2006/10/17 07:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006/10/11 07:10:30 | 000,008,864 | ---- | M] () [Kernel | Auto] -- D:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2006/01/25 09:14:06 | 000,472,644 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\HCWBT8xx.sys -- (HCWBT8XX)
DRV - [2006/01/09 20:47:28 | 000,031,846 | ---- | M] () [Kernel | System] -- D:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
DRV - [2004/08/03 20:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004/08/03 20:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004/08/03 16:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2004/08/03 16:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 16:07:46 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/03/22 09:40:38 | 000,040,448 | R--- | M] (Susteen Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\SUSCOM.SYS -- (SUSCOM)
DRV - [2003/09/16 04:00:10 | 000,019,153 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2003/09/16 04:00:02 | 000,006,828 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftlund.sys -- (FTLUND)
DRV - [2003/09/16 03:59:54 | 000,050,396 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2003/09/05 10:30:32 | 000,011,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder\ATI BIOS\WinFlash\ATIXPGAA.SYS -- (ATIXPGAA)
DRV - [2002/08/13 08:27:22 | 000,074,338 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\el90Xbc5.SYS -- (EL90Xbc)
DRV - [2001/08/17 07:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 06:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001/08/10 00:00:00 | 000,003,252 | ---- | M] () [Kernel | System] -- D:\WINDOWS\System32\drivers\PQNTDRV.SYS -- (PQNTDrv)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\ich_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\ich_ON_D\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\ich_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\ich_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\ich_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\ich_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.kabeldeutschland.de/portal"
FF - prefs.js..network.proxy.ftp:
FF - prefs.js..network.proxy.ftp_port:
FF - prefs.js..network.proxy.gopher:
FF - prefs.js..network.proxy.gopher_port:
FF - prefs.js..network.proxy.http:
FF - prefs.js..network.proxy.http_port:
FF - prefs.js..network.proxy.no_proxies_on:
FF - prefs.js..network.proxy.socks:
FF - prefs.js..network.proxy.socks_port:
FF - prefs.js..network.proxy.ssl:
FF - prefs.js..network.proxy.ssl_port:
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..network.proxy.autoconfig_url:
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: D:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll (Google)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0\extensions\\Components: D:\Mozilla\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0\extensions\\Plugins: D:\Mozilla\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.12\extensions\\Components: D:\MOZILLA\MOZILL~2\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.12\extensions\\Plugins: D:\MOZILLA\MOZILL~2\Mozilla Firefox\plugins
[2008/12/26 02:06:54 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\mozilla\Extensions
[2008/12/26 02:06:54 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2006/08/26 12:21:26 | 000,000,000 | ---D | M] (No name found) -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\mozilla\Firefox\Profiles\b73q4pp9.default\extensions
[2007/02/05 07:05:08 | 000,000,000 | ---D | M] (Adblock Plus) -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\mozilla\Firefox\Profiles\b73q4pp9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2003/07/14 15:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- D:\Programme\mozilla firefox\plugins\NPOFFICE.DLL
[2006/09/01 03:56:06 | 000,139,305 | ---- | M] (RealNetworks, Inc.) -- D:\Programme\mozilla firefox\plugins\nppl3260.dll
[2006/09/01 03:56:22 | 000,024,621 | ---- | M] (RealNetworks, Inc.) -- D:\Programme\mozilla firefox\plugins\nprjplug.dll
[2006/09/01 03:56:02 | 000,081,967 | ---- | M] (RealNetworks, Inc.) -- D:\Programme\mozilla firefox\plugins\nprpjplug.dll
[2006/06/22 06:44:58 | 002,078,344 | ---- | M] () -- D:\Programme\mozilla firefox\plugins\NPSWF32.dll
O1 HOSTS File: ([2001/09/04 10:34:58 | 000,000,820 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - D:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found
O3 - HKU\ich_ON_D\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\ich_ON_D\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\ich_ON_D\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\ich_ON_D\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\gast_ON_D..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\systemprofile_ON_D..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\gast_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\ich_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKU\LocalService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - D:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.161 83.169.184.225
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - D:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - D:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - D:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - D:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - D:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - D:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - D:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - D:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - D:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - D:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - D:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - D:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - D:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - D:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - D:\WINDOWS\System32\relog_ap.dll (Acronis)
O30 - LSA: Security Packages - (kerberos) - D:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - D:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - D:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - D:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/26 07:04:08 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{47ace141-6476-11dc-a858-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{47ace141-6476-11dc-a858-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{47ace141-6476-11dc-a858-806d6172696f}\Shell\AutoRun\command - "" = H:\Bin\assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - D:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/01/29 13:02:44 | 000,000,000 | ---D | C] -- D:\_OTL
[2008/03/14 09:18:02 | 000,089,680 | ---- | C] (Microsoft Corporation) -- D:\Dokumente und Einstellungen\ich\MSSSerif120.fon
========== Files - Modified Within 30 Days ==========
[2013/01/31 20:08:14 | 000,786,432 | ---- | M] () -- D:\Dokumente und Einstellungen\gast\ntuser.dat
========== Files Created - No Company Name ==========
[2008/12/23 13:01:33 | 000,502,784 | ---- | C] () -- D:\WINDOWS\x2.64.exe
[2008/12/23 13:01:33 | 000,240,128 | ---- | C] () -- D:\WINDOWS\System32\x.264.exe
[2008/12/23 13:01:33 | 000,217,073 | ---- | C] () -- D:\WINDOWS\meta4.exe
[2008/12/23 13:01:33 | 000,066,560 | ---- | C] () -- D:\WINDOWS\MOTA113.exe
[2008/12/23 13:01:33 | 000,027,648 | ---- | C] () -- D:\WINDOWS\System32\AVSredirect.dll
[2008/12/10 11:19:18 | 000,000,109 | ---- | C] () -- D:\WINDOWS\oodcnt.INI
[2008/12/10 10:49:55 | 000,000,223 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Goya.ini
[2008/12/10 10:49:23 | 000,000,046 | ---- | C] () -- D:\WINDOWS\Goya.INI
[2008/12/04 10:42:18 | 006,815,744 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\ntuser.dat
[2008/11/19 12:33:50 | 000,000,164 | ---- | C] () -- D:\WINDOWS\RECMGRUN.INI
[2008/11/19 12:32:53 | 000,003,455 | ---- | C] () -- D:\WINDOWS\RECVCALL.INI
[2008/11/18 11:53:32 | 000,000,004 | ---- | C] () -- D:\WINDOWS\vx86036.dat
[2008/11/18 11:53:23 | 000,000,067 | ---- | C] () -- D:\WINDOWS\Crypkey.ini
[2008/11/18 11:53:20 | 000,031,846 | ---- | C] () -- D:\WINDOWS\System32\Ckldrv.sys
[2008/11/18 11:53:20 | 000,027,648 | R--- | C] () -- D:\WINDOWS\Setup_ck.exe
[2008/11/18 11:53:20 | 000,018,432 | ---- | C] () -- D:\WINDOWS\Setup_ck.dll
[2008/11/18 11:53:20 | 000,011,776 | ---- | C] () -- D:\WINDOWS\Ckrfresh.exe
[2008/11/16 04:02:14 | 000,000,425 | ---- | C] () -- D:\WINDOWS\BRWMARK.INI
[2008/11/16 04:02:14 | 000,000,027 | ---- | C] () -- D:\WINDOWS\BRPP2KA.INI
[2008/11/16 03:59:10 | 000,000,050 | ---- | C] () -- D:\WINDOWS\System32\bridf07a.dat
[2008/11/16 03:58:08 | 000,106,496 | ---- | C] () -- D:\WINDOWS\System32\BrMuSNMP.dll
[2008/05/17 11:21:37 | 002,189,354 | -H-- | C] () -- D:\Dokumente und Einstellungen\ich\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2008/05/17 10:49:05 | 000,077,460 | ---- | C] () -- D:\WINDOWS\DIHELP.DAT
[2008/05/17 10:49:05 | 000,038,450 | ---- | C] () -- D:\WINDOWS\PQDI.exe
[2008/05/12 13:39:53 | 000,120,200 | ---- | C] () -- D:\WINDOWS\System32\DLLDEV32i.dll
[2008/05/12 13:38:22 | 000,006,768 | ---- | C] () -- D:\WINDOWS\mgxoschk.ini
[2008/05/04 11:08:49 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\CPUINFO2.DLL
[2008/04/19 04:24:24 | 000,049,152 | R--- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2008/04/11 11:00:16 | 000,036,864 | ---- | C] () -- D:\WINDOWS\Algoui.exe
[2008/04/10 12:14:51 | 000,049,152 | RH-- | C] () -- D:\WINDOWS\System32\CoInst.dll
[2008/03/15 02:50:36 | 000,164,352 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2008/03/15 02:50:35 | 000,755,027 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2008/03/15 02:50:34 | 000,159,839 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2008/03/15 02:50:33 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2008/03/15 02:50:33 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/02/16 10:56:28 | 000,000,038 | ---- | C] () -- D:\WINDOWS\AviSplitter.INI
[2008/02/10 11:54:09 | 000,035,328 | ---- | C] () -- D:\WINDOWS\System32\cygz.dll
[2008/02/10 11:54:09 | 000,035,328 | ---- | C] () -- D:\WINDOWS\cygz.dll
[2007/12/24 04:43:11 | 000,363,520 | ---- | C] () -- D:\WINDOWS\System32\PsisDecd.dll
[2007/11/16 11:46:44 | 000,786,432 | ---- | C] () -- D:\Dokumente und Einstellungen\gast\ntuser.dat
[2007/10/27 12:45:03 | 001,284,280 | ---- | C] () -- D:\WINDOWS\System32\XMNT2001.EXE
[2007/10/27 12:45:03 | 000,003,252 | ---- | C] () -- D:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2007/10/16 11:26:41 | 000,069,632 | R--- | C] () -- D:\WINDOWS\System32\xmltok.dll
[2007/10/16 11:26:41 | 000,036,864 | R--- | C] () -- D:\WINDOWS\System32\xmlparse.dll
[2007/10/05 10:54:38 | 000,000,245 | ---- | C] () -- D:\WINDOWS\System32\regupdate.ini
[2007/09/18 20:21:28 | 000,009,384 | ---- | C] () -- D:\WINDOWS\Irremote.ini
[2007/09/18 19:50:55 | 000,593,920 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2007/08/21 20:35:20 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativvaxx.dat
[2007/08/21 20:35:20 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativva5x.dat
[2007/08/21 20:35:20 | 000,972,072 | ---- | C] () -- D:\WINDOWS\System32\ativva6x.dat
[2007/08/03 05:28:35 | 000,002,508 | ---- | C] () -- D:\Dokumente und Einstellungen\gast\Anwendungsdaten\$_hpcst$.hpc
[2007/08/02 11:29:36 | 000,002,508 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\$_hpcst$.hpc
[2007/07/05 10:48:35 | 000,000,092 | R--- | C] () -- D:\WINDOWS\System32\ftdiun2k.ini
[2007/06/07 14:10:48 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\ac3config.exe
[2007/05/06 06:01:21 | 000,003,133 | ---- | C] () -- D:\WINDOWS\tm.ini
[2007/03/31 03:20:28 | 000,022,168 | ---- | C] () -- D:\WINDOWS\System32\imsinstall_loc0407.dll
[2007/03/31 03:20:28 | 000,018,072 | ---- | C] () -- D:\WINDOWS\System32\imslsp_install_loc0407.dll
[2007/02/14 12:21:26 | 000,796,584 | ---- | C] () -- D:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/02/13 10:00:56 | 000,233,868 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2007/02/07 06:30:09 | 000,000,161 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2007/01/29 09:20:32 | 001,048,576 | ---- | C] () -- D:\WINDOWS\System32\SFMAN.DAT
[2006/12/19 03:50:26 | 002,244,084 | ---- | C] () -- D:\Dokumente und Einstellungen\gast\Gaggia Bedienungsanleitung.pdf
[2006/11/02 10:10:16 | 000,080,912 | ---- | C] () -- D:\WINDOWS\System32\sherlock2.exe
[2006/11/01 08:11:21 | 000,689,280 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2006/10/30 11:15:03 | 000,006,067 | ---- | C] () -- D:\WINDOWS\Unwise32.ini
[2006/10/30 11:15:02 | 000,148,992 | ---- | C] () -- D:\WINDOWS\Unwise32.exe
[2006/10/30 11:12:57 | 000,369,152 | ---- | C] () -- D:\Programme\Rufid.exe
[2006/10/30 11:12:01 | 000,000,092 | ---- | C] () -- D:\WINDOWS\KTEL.INI
[2006/10/11 07:10:29 | 000,008,864 | ---- | C] () -- D:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2006/10/11 06:46:55 | 000,000,070 | ---- | C] () -- D:\WINDOWS\Ulead32.INI
[2006/09/20 03:19:12 | 000,000,116 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006/09/07 07:34:16 | 000,154,624 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/07 07:32:07 | 000,000,305 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006/09/05 09:38:38 | 000,000,020 | -HS- | C] () -- D:\Dokumente und Einstellungen\gast\ntuser.ini
[2006/09/04 13:29:45 | 000,000,514 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2006/08/31 06:04:05 | 000,005,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006/08/31 04:15:11 | 000,000,407 | ---- | C] () -- D:\Programme\Verknüpfung (2) mit Outlook Express.lnk
[2006/08/31 04:14:36 | 000,000,407 | ---- | C] () -- D:\Programme\Verknüpfung mit Outlook Express.lnk
[2006/08/30 12:36:08 | 000,285,216 | ---- | C] () -- D:\WINDOWS\System32\drivers\Onsio.sys
[2006/08/30 12:36:08 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\drivers\Onsreged.sys
[2006/08/28 14:33:53 | 000,004,212 | -H-- | C] () -- D:\WINDOWS\System32\zllictbl.dat
[2006/08/28 12:19:29 | 000,069,224 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2006/08/28 12:12:05 | 000,186,368 | ---- | C] () -- D:\WINDOWS\System32\encdec.dll
[2006/08/28 12:12:04 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006/08/28 12:12:02 | 000,270,848 | ---- | C] () -- D:\WINDOWS\System32\sbe.dll
[2006/08/26 13:43:41 | 000,262,144 | ---- | C] () -- D:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2006/08/26 13:05:53 | 000,000,552 | ---- | C] () -- D:\WINDOWS\System32\d3d8caps.dat
[2006/08/26 12:21:25 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2006/08/26 12:21:16 | 000,003,418 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2006/08/26 11:08:52 | 000,004,831 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2006/08/26 11:01:39 | 000,000,300 | -HS- | C] () -- D:\Dokumente und Einstellungen\ich\ntuser.ini
[2006/08/26 10:53:11 | 000,000,020 | -HS- | C] () -- D:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2006/08/26 10:53:10 | 000,253,952 | ---- | C] () -- D:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2006/08/26 10:53:10 | 000,253,952 | ---- | C] () -- D:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2006/08/26 10:53:10 | 000,000,190 | -HS- | C] () -- D:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2006/08/26 07:07:34 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2006/08/26 07:04:07 | 000,000,000 | ---- | C] () -- D:\WINDOWS\control.ini
[2006/08/26 07:02:54 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2006/08/26 07:02:48 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2006/08/26 07:00:51 | 000,021,740 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2006/08/26 07:00:41 | 000,000,037 | ---- | C] () -- D:\WINDOWS\vbaddin.ini
[2006/08/26 07:00:41 | 000,000,036 | ---- | C] () -- D:\WINDOWS\vb.ini
[2006/08/26 06:59:56 | 000,027,055 | ---- | C] () -- D:\WINDOWS\System32\tslabels.ini
[2006/08/26 06:59:54 | 000,003,999 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.ini
[2006/08/26 06:50:43 | 000,946,822 | ---- | C] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2006/08/26 06:50:42 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2006/08/26 06:49:46 | 000,286,112 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/01 10:22:00 | 001,662,976 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/01 10:22:00 | 001,519,616 | ---- | C] () -- D:\WINDOWS\System32\nwiz.exe
[2006/06/01 10:22:00 | 001,466,368 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2006/06/01 10:22:00 | 001,339,392 | ---- | C] () -- D:\WINDOWS\System32\nvdspsch.exe
[2006/06/01 10:22:00 | 001,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2006/06/01 10:22:00 | 000,581,632 | ---- | C] () -- D:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 10:22:00 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvShell.dll
[2006/06/01 10:22:00 | 000,442,368 | ---- | C] () -- D:\WINDOWS\System32\nvAppBar.exe
[2006/06/01 10:22:00 | 000,425,984 | ---- | C] () -- D:\WINDOWS\System32\keystone.exe
[2006/06/01 10:22:00 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/01 10:22:00 | 000,196,608 | ---- | C] () -- D:\WINDOWS\System32\NVAPI.DLL
[2006/04/28 15:05:14 | 000,156,671 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.dat
[2004/08/02 07:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2003/02/20 10:53:42 | 000,005,702 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- D:\WINDOWS\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- D:\WINDOWS\System32\dntvm23.dll
[2001/09/04 10:36:15 | 000,013,312 | ---- | C] () -- D:\WINDOWS\System32\win87em.dll
[2001/09/04 10:36:14 | 000,001,345 | ---- | C] () -- D:\WINDOWS\win.ini
[2001/09/04 10:36:11 | 000,001,157 | ---- | C] () -- D:\WINDOWS\System32\vwipxspx.exe
[2001/09/04 10:36:04 | 000,015,360 | ---- | C] () -- D:\WINDOWS\System32\tsd32.dll
[2001/09/04 10:36:01 | 000,053,478 | ---- | C] () -- D:\WINDOWS\System32\tcpmon.ini
[2001/09/04 10:36:00 | 000,000,327 | ---- | C] () -- D:\WINDOWS\system.ini
[2001/09/04 10:35:49 | 000,011,903 | ---- | C] () -- D:\WINDOWS\System32\setver.exe
[2001/09/04 10:35:49 | 000,000,882 | ---- | C] () -- D:\WINDOWS\System32\share.exe
[2001/09/04 10:35:46 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2001/09/04 10:35:46 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\scriptpw.dll
[2001/09/04 10:35:45 | 000,017,241 | ---- | C] () -- D:\WINDOWS\System32\rsvp.ini
[2001/09/04 10:35:44 | 000,003,358 | ---- | C] () -- D:\WINDOWS\System32\redir.exe
[2001/09/04 10:35:43 | 000,006,287 | ---- | C] () -- D:\WINDOWS\System32\rasctrs.ini
[2001/09/04 10:35:42 | 000,733,696 | ---- | C] () -- D:\WINDOWS\System32\qedwipes.dll
[2001/09/04 10:35:42 | 000,014,060 | ---- | C] () -- D:\WINDOWS\System32\pschdprf.ini
[2001/09/04 10:35:37 | 000,000,369 | ---- | C] () -- D:\WINDOWS\System32\prodspec.ini
[2001/09/04 10:35:36 | 000,408,618 | ---- | C] () -- D:\WINDOWS\System32\perfh007.dat
[2001/09/04 10:35:36 | 000,395,200 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001/09/04 10:35:36 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001/09/04 10:35:36 | 000,269,480 | ---- | C] () -- D:\WINDOWS\System32\perfi007.dat
[2001/09/04 10:35:36 | 000,034,478 | ---- | C] () -- D:\WINDOWS\System32\perfd007.dat
[2001/09/04 10:35:36 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001/09/04 10:35:36 | 000,004,438 | ---- | C] () -- D:\WINDOWS\System32\perfci.ini
[2001/09/04 10:35:36 | 000,004,233 | ---- | C] () -- D:\WINDOWS\System32\perfwci.ini
[2001/09/04 10:35:36 | 000,001,783 | ---- | C] () -- D:\WINDOWS\System32\perffilt.ini
[2001/09/04 10:35:35 | 000,071,598 | ---- | C] () -- D:\WINDOWS\System32\perfc007.dat
[2001/09/04 10:35:35 | 000,059,440 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001/09/04 10:35:33 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001/09/04 10:35:33 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001/09/04 10:35:30 | 000,003,262 | ---- | C] () -- D:\WINDOWS\System32\nw16.exe
[2001/09/04 10:35:28 | 000,035,648 | ---- | C] () -- D:\WINDOWS\System32\ntio411.sys
[2001/09/04 10:35:28 | 000,035,424 | ---- | C] () -- D:\WINDOWS\System32\ntio412.sys
[2001/09/04 10:35:28 | 000,034,560 | ---- | C] () -- D:\WINDOWS\System32\ntio804.sys
[2001/09/04 10:35:28 | 000,034,560 | ---- | C] () -- D:\WINDOWS\System32\ntio404.sys
[2001/09/04 10:35:28 | 000,034,032 | ---- | C] () -- D:\WINDOWS\System32\ntio.sys
[2001/09/04 10:35:27 | 000,029,370 | ---- | C] () -- D:\WINDOWS\System32\ntdos411.sys
[2001/09/04 10:35:27 | 000,029,274 | ---- | C] () -- D:\WINDOWS\System32\ntdos412.sys
[2001/09/04 10:35:27 | 000,029,146 | ---- | C] () -- D:\WINDOWS\System32\ntdos804.sys
[2001/09/04 10:35:27 | 000,029,146 | ---- | C] () -- D:\WINDOWS\System32\ntdos404.sys
[2001/09/04 10:35:27 | 000,027,914 | ---- | C] () -- D:\WINDOWS\System32\ntdos.sys
[2001/09/04 10:35:26 | 000,007,084 | ---- | C] () -- D:\WINDOWS\System32\nlsfunc.exe
[2001/09/04 10:35:26 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2001/09/04 10:35:24 | 000,002,656 | ---- | C] () -- D:\WINDOWS\System32\netware.drv
[2001/09/04 10:35:14 | 000,094,282 | ---- | C] () -- D:\WINDOWS\System32\msencode.dll
[2001/09/04 10:35:14 | 000,014,336 | ---- | C] () -- D:\WINDOWS\System32\msdmo.dll
[2001/09/04 10:35:14 | 000,001,405 | ---- | C] () -- D:\WINDOWS\msdfmap.ini
[2001/09/04 10:35:14 | 000,000,817 | ---- | C] () -- D:\WINDOWS\System32\mscdexnt.exe
[2001/09/04 10:35:12 | 000,021,542 | ---- | C] () -- D:\WINDOWS\System32\mqperf.ini
[2001/09/04 10:35:09 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001/09/04 10:35:08 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001/09/04 10:35:08 | 000,039,546 | ---- | C] () -- D:\WINDOWS\System32\mem.exe
[2001/09/04 10:35:06 | 000,001,273 | ---- | C] () -- D:\WINDOWS\System32\loadfix.com
[2001/09/04 10:35:04 | 000,042,809 | ---- | C] () -- D:\WINDOWS\System32\key01.sys
[2001/09/04 10:35:04 | 000,042,537 | ---- | C] () -- D:\WINDOWS\System32\keyboard.sys
[2001/09/04 10:35:03 | 000,014,816 | ---- | C] () -- D:\WINDOWS\System32\kb16.com
[2001/09/04 10:35:02 | 000,199,168 | ---- | C] () -- D:\WINDOWS\System32\ir32_32.dll
[2001/09/04 10:34:56 | 000,019,726 | ---- | C] () -- D:\WINDOWS\System32\graphics.com
[2001/09/04 10:34:56 | 000,004,992 | ---- | C] () -- D:\WINDOWS\System32\himem.sys
[2001/09/04 10:34:52 | 000,000,882 | ---- | C] () -- D:\WINDOWS\System32\fastopen.exe
[2001/09/04 10:34:51 | 000,008,584 | ---- | C] () -- D:\WINDOWS\System32\exe2bin.exe
[2001/09/04 10:34:50 | 001,015,477 | ---- | C] () -- D:\WINDOWS\System32\esentprf.ini
[2001/09/04 10:34:49 | 000,071,022 | ---- | C] () -- D:\WINDOWS\System32\edit.com
[2001/09/04 10:34:49 | 000,013,026 | ---- | C] () -- D:\WINDOWS\System32\edlin.exe
[2001/09/04 10:34:48 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001/09/04 10:34:24 | 000,054,128 | ---- | C] () -- D:\WINDOWS\System32\dosx.exe
[2001/09/04 10:34:22 | 000,021,210 | ---- | C] () -- D:\WINDOWS\System32\debug.exe
[2001/09/04 10:34:21 | 000,001,788 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2001/09/04 10:34:18 | 000,027,097 | ---- | C] () -- D:\WINDOWS\System32\country.sys
[2001/09/04 10:34:17 | 000,253,440 | ---- | C] () -- D:\WINDOWS\System32\compatUI.dll
[2001/09/04 10:34:17 | 000,052,777 | ---- | C] () -- D:\WINDOWS\System32\command.com
[2001/09/04 10:34:06 | 000,012,610 | ---- | C] () -- D:\WINDOWS\System32\append.exe
[2001/09/04 10:34:06 | 000,009,032 | ---- | C] () -- D:\WINDOWS\System32\ansi.sys
[2001/09/04 10:34:05 | 000,070,656 | ---- | C] () -- D:\WINDOWS\System32\amstream.dll
[2001/08/17 21:54:50 | 000,057,856 | ---- | C] () -- D:\WINDOWS\System32\dvdplay.exe
[2001/08/17 21:54:08 | 000,157,696 | ---- | C] () -- D:\WINDOWS\System32\paqsp.dll
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- D:\WINDOWS\System32\dnt23.dll
[2000/09/13 19:03:00 | 000,000,145 | ---- | C] () -- D:\WINDOWS\System32\EBPPORT.DAT
========== LOP Check ==========
[2007/02/14 13:22:50 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2008/12/06 11:49:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2006/12/02 02:57:24 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avg7
[2007/04/20 01:57:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2007/04/20 01:55:44 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2007/04/20 01:57:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2008/05/12 13:45:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2008/11/20 12:53:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Maxtor
[2007/03/31 02:56:00 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\My Pictures
[2007/12/24 04:49:28 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2006/08/27 07:18:54 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2008/11/19 11:37:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2006/09/02 05:44:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2008/11/19 11:07:44 | 000,000,000 | ---D | M](D:\WINDOWS\System32\??????????) -- D:\WINDOWS\System32\粑۰粒۫粒⁃睌
[2008/11/19 11:07:43 | 000,000,000 | ---D | C](D:\WINDOWS\System32\??????????) -- D:\WINDOWS\System32\粑۰粒۫粒⁃睌
< End of report > Code:
OTL Extras logfile created on: 2/6/2013 4:12:21 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive D: | 135.01 Gb Total Space | 113.71 Gb Free Space | 84.23% Space Free | Partition Type: NTFS
Drive F: | 410.15 Gb Total Space | 311.89 Gb Free Space | 76.04% Space Free | Partition Type: NTFS
Drive G: | 404.17 Gb Total Space | 273.50 Gb Free Space | 67.67% Space Free | Partition Type: NTFS
Drive H: | 99.96 Gb Total Space | 81.87 Gb Free Space | 81.90% Space Free | Partition Type: NTFS
Drive I: | 100.73 Gb Total Space | 35.54 Gb Free Space | 35.28% Space Free | Partition Type: NTFS
Drive J: | 130.07 Gb Total Space | 26.45 Gb Free Space | 20.34% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet005
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Programme\Internet Explorer\iexplore.exe" %1
http [open] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
https [open] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe"
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\System32\ZoneLabs\vsmon.exe" = C:\WINDOWS\System32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service -- (Zone Labs, LLC)
"C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform
"C:\WINDOWS\System32\dpvsetup.exe" = C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\System32\RUNDLL32.EXE" = C:\WINDOWS\System32\RUNDLL32.EXE:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation)
"D:\Programme\Active sync\wcescomm.exe" = D:\Programme\Active sync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager
"C:\WINDOWS\Temp\KD_installer.exe" = C:\WINDOWS\Temp\KD_installer.exe:*:Enabled:Kabel Deutschland Installer
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
"D:\Mozilla\Mozilla Firefox(2)\Mozilla Firefox\firefox.exe" = D:\Mozilla\Mozilla Firefox(2)\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A70F27-D80E-4A22-A1B4-1C878FC6056A}" = Sony Ericsson Mobile Networking Wizard
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{123D40B5-66EF-4F41-A2BA-0B74D0D1C8B3}" = Steuer 2006
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{238B8820-011B-11D6-9C28-0080C85A0C2D}" = Transparency Adaptor Calibrator
"{2C4A5877-21D1-4A15-9D20-24BA54A24093}" = Playlist tool
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = ABBYY FineReader OCR Engine
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A33D692-8679-4142-94C7-0BB784B9B3A3}" = DMX 6fire 24/96 ControlPanel
"{3B7458C7-3F03-4415-AC39-D51EDEACDCCC}" = Steuer 2007
"{4BC211DD-2BBC-4CDF-AB43-3B93444617E0}" = Steuer 2006
"{4D400407-6332-4101-8C78-506C85813506}" = Sony Ericsson OCS
"{53480520-7555-470E-8C69-750B0472B4BB}" = O&O Defrag Professional Edition
"{544FB392-069D-4BA5-9DC7-FFD47230AEE5}" = Photohands 1.0G
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59C95D15-5F24-435E-898D-3806961FC79D}" = Steuer 2006
"{5E8C42DD-7E43-462C-84CC-99E5BBE3E101}" = Steuer 2007
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{70B45586-B51E-4947-A258-A895596C5CED}" = Photo Loader 2.3G
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE DVD
"{7AA828F3-BD67-495E-9742-BD9C3F196E78}" = PC Suite
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Maxtor*MaxBlast
"{8FBC9407-713D-4B8A-98D2-57210DA56049}" = MSN Toolbar
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9075FCA2-7B7E-46A3-841A-52519270C1B2}" = PowerQuest Drive Image 5.0
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1" = Tetris
"{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = EasyRecovery DataRecovery Trial
"{A0E2CD91-BC77-411F-BD5D-5ABCA8C7C5B8}" = Sony Ericsson Mobile Phone Monitor
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5
"{B754B683-E23C-4583-9312-50AD86836B42}" = Steuer Hilfesammlung
"{C00FAC7F-DAF5-4FD8-83E7-5959C882A811}" = Sony Ericsson File Manager
"{CBA04F21-D46C-46FC-9A8A-A5360F58CF94}" = Sony Ericsson Sync Station
"{D777130E-86A9-428C-B7E6-9EFBCAB4E4CC}" = Steuer Hilfesammlung
"{E03EE3F8-F081-4EF5-BE18-CC849459B070}" = Sony Ericsson Capability Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{FDDC37C3-B2FC-4B5E-A854-1E69B2FFCA71}" = Steuer Update 14.01
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal – Free Antivirus
"AsusUpdate" = AsusUpdate
"ATI Display Driver" = ATI Display Driver
"BetaPlayer" = BetaPlayer
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FFMPEG" = FFMPEG
"FLAC" = FLAC
"FTDICOMM" = SEMC DSS SyncStation Driver
"Google Updater" = Google Updater
"Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181
"HijackThis" = HijackThis 1.99.1
"ImTOO 3GP Video Converter" = ImTOO 3GP Video Converter
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery
"InstallShield_{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = EasyRecovery DataRecovery Trial
"KlickTel99" = klickTel Mai 99 - 32-Bit
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.0 Full
"Language pack for Ad-Aware SE" = Language pack for Ad-Aware SE
"MAGIX Fotos auf CD & DVD 7 deluxe D" = MAGIX Fotos auf CD & DVD 7 deluxe 7.0.2.0 (D)
"MediaCoder" = MediaCoder 0.6.2
"MediaInfo" = MediaInfo 0.7.6.1BETA
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (2.0.0.12)" = Mozilla Firefox (2.0.0.12)
"Need For Speed III" = Need For Speed III
"OEMaster-Daten-ExportfürOutlookExpress" = OEMaster - DBX-Reader und Daten-Export für Outlook Express
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"S4Uninst" = Die Siedler IV
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ST6UNST #1" = Outlook Express Quick Backup
"VLC media player" = VLC media player 0.9.6
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR Archivierer
"ZoneAlarm" = ZoneAlarm
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\gast_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dr. Hardware 2008_is1" = Dr. Hardware 2008 9.0.0d
"JAP" = JAP
"Mozilla Firefox (2.0)" = Mozilla Firefox (2.0)
"Stellar Phoenix DMR_is1" = Stellar Phoenix DMR 1.0
< End of report > Ich hoffe Ihr könnt was damit anfangen und findet den Übeltäter.
Danke und Gruß
Christian |