Uhulinchen | 29.08.2010 22:28 | Hallo Swiss,
hier bin ich wieder. Das "RootRepeal" eine Weile laufen wird, ist schlicht die Untertreibung des Jahrhunderts :crazy: Aber dafür ist mein Arbeitszimmer nun aufgeräumt, die Ablage ist gemacht und noch einige Dinge mehr :Boogie:
So und hier meine Logs:
Eset-Log Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=4b1316fd27f41149a07ebcb5c32a62d9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-29 10:54:01
# local_time=2010-08-29 12:54:01 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775145 100 100 326255 57968531 330966 0
# compatibility_mode=8192 67108863 100 0 189 189 0 0
# scanned=105531
# found=0
# cleaned=0
# scan_time=10876 Neuer OTL-Log: Code:
OTL logfile created on: 29.08.2010 13:02:59 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\Gaby\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,72 Gb Total Space | 129,87 Gb Free Space | 86,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Drive F: | 967,22 Mb Total Space | 773,02 Mb Free Space | 79,92% Space Free | Partition Type: FAT
Drive G: | 991,22 Mb Total Space | 990,95 Mb Free Space | 99,97% Space Free | Partition Type: FAT
Drive H: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive U: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Computer Name: NEUERPCKELLER
Current User Name: Gaby
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Gaby\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Gaby\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Cherry Device Interface) -- C:\Programme\Cherry\CDI\cdi.exe (ZF Electronics GmbH)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (Start BT in service) -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Driver Services (SafeList) ==========
DRV - (AmdPPM) -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvgts) -- C:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {b8cbd8e0-e642-11dd-ba2f-0800200c9a66}:1.6
FF - prefs.js..extensions.enabledItems: {57B65ABB-F4E3-4358-8472-15AEE0833E11}:0.8.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia6230i\Nokia PC Suite 7\bkmrksync\ [2009.05.29 13:48:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.08 21:29:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.05 21:11:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.26 16:31:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.08 21:29:02 | 000,000,000 | ---D | M]
[2010.02.28 14:14:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Extensions
[2010.08.29 08:22:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions
[2010.08.25 12:19:20 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.08.07 11:01:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.06.10 05:53:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions\{57B65ABB-F4E3-4358-8472-15AEE0833E11}
[2010.05.01 20:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions\{b8cbd8e0-e642-11dd-ba2f-0800200c9a66}
[2010.08.17 07:40:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Mozilla\Firefox\Profiles\f3x4w6c6.default\extensions\DeviceDetection@logitech.com
[2010.08.29 08:22:05 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.02.28 14:48:58 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.08.28 16:43:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.28 16:43:26 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk = C:\Programme\IVT Corporation\BlueSoleil\gprs.exe (IVT Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.05 17:41:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.08.29 09:49:38 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.08.28 16:55:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Malwarebytes
[2010.08.28 16:55:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.28 16:55:16 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.28 16:55:16 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.28 16:55:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.28 16:49:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.08.28 16:43:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.08.28 16:43:35 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.08.28 16:43:34 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.28 16:43:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.28 16:43:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.28 16:43:23 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.08.28 16:42:01 | 000,875,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Dokumente und Einstellungen\Gaby\Desktop\jre-6u21-windows-i586-iftw-rv.exe
[2010.08.28 07:21:11 | 000,000,000 | ---D | C] -- E:\_gaby\TheWork
[2010.08.26 11:38:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.08.26 10:30:07 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Gaby\Desktop\OTL.exe
[2010.08.25 18:23:54 | 000,000,000 | ---D | C] -- C:\Programme\Aida
[2010.08.25 18:09:25 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Gaby\Recent
[2010.08.25 17:44:35 | 000,000,000 | ---D | C] -- C:\Programme\HiJackThis
[2010.08.25 17:05:02 | 002,195,429 | ---- | C] (No23) -- C:\Dokumente und Einstellungen\Gaby\Desktop\No23Recorder.exe
[2010.08.25 16:54:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Cool Record Edit Pro
[2010.08.25 16:50:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Free Sound Recorder 2010
[2010.08.25 16:50:32 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010.08.25 12:26:00 | 000,000,000 | ---D | C] -- E:\_gaby\Sicherung
[2010.08.25 12:22:01 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.25 12:17:27 | 000,000,000 | ---D | C] -- C:\Programme\softonic-de3
[2010.08.25 12:17:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Anwendungsdaten\softonic-de3
[2010.08.18 03:38:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\WinRAR
[2010.08.17 13:20:37 | 000,000,000 | ---D | C] -- E:\_gaby\E443X My Documents
[2010.08.17 13:12:39 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft ActiveSync
[2010.08.17 12:43:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\GoPal Assistant
[2010.08.17 12:43:29 | 000,000,000 | ---D | C] -- C:\Programme\Medion GoPal Assistant
[2010.08.17 12:42:30 | 000,000,000 | ---D | C] -- C:\Medion
[2010.08.17 12:27:24 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.08.17 10:59:12 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.08.17 10:58:48 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.08.17 07:53:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Logitech
[2010.08.17 07:52:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Remote Control Software Common
[2010.08.17 07:52:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Remote Control USB Driver
[2010.08.17 07:52:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\InstallShield
[2010.08.14 22:06:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Nokia
[2010.08.08 09:31:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Windows Search
[2010.08.03 20:51:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\Media Player Classic
[2010.08.03 20:51:18 | 001,294,336 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm
[2010.08.03 20:51:18 | 000,860,160 | ---- | C] (hxxp://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010.08.03 20:51:18 | 000,287,744 | ---- | C] (Kristal StudioD
FileDescription) -- C:\WINDOWS\System32\divxa32.acm
[2010.08.03 20:51:18 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm
[2010.08.03 20:51:17 | 000,630,784 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2010.08.03 20:51:17 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010.08.03 20:51:17 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\I263_32.drv
[2010.08.03 20:51:17 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010.08.03 20:51:17 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010.08.03 20:51:17 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2010.08.03 20:51:16 | 000,683,520 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010.08.03 20:51:16 | 000,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010.08.03 20:51:14 | 000,000,000 | ---D | C] -- C:\Programme\K-Lite Codec Pack
[2010.08.03 20:35:09 | 000,000,000 | ---D | C] -- C:\Programme\AC3Filter
[2010.08.03 20:32:09 | 000,000,000 | ---D | C] -- C:\Programme\AVIcodec
========== Files - Modified Within 30 Days ==========
[2010.08.29 13:02:24 | 003,932,160 | -H-- | M] () -- C:\Dokumente und Einstellungen\Gaby\NTUSER.DAT
[2010.08.29 13:02:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.28 23:58:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.08.28 18:06:44 | 000,208,294 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.08.28 17:29:13 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.28 17:28:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.28 17:28:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.28 16:55:20 | 000,000,682 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.28 16:43:26 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.28 16:43:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.28 16:43:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.28 16:43:26 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.08.28 16:43:25 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.08.28 16:42:01 | 000,875,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Dokumente und Einstellungen\Gaby\Desktop\jre-6u21-windows-i586-iftw-rv.exe
[2010.08.28 07:20:48 | 000,343,812 | ---- | M] () -- E:\_gaby\AnleitungzuTheWork.pdf
[2010.08.28 07:20:24 | 000,200,546 | ---- | M] () -- E:\_gaby\Arbeitsblatt_UntersucheEineUberzeugung.pdf
[2010.08.28 07:20:10 | 000,294,091 | ---- | M] () -- E:\_gaby\Arbeitsblatt_UrteileUberDeinenNachsten.pdf
[2010.08.26 13:43:13 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.26 12:02:56 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Gaby\ntuser.ini
[2010.08.26 11:20:08 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2010.08.26 10:33:15 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\i4z2btbu.exe
[2010.08.26 10:29:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Gaby\Desktop\OTL.exe
[2010.08.25 18:09:53 | 000,002,541 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\HiJackThis.lnk
[2010.08.25 17:05:16 | 002,195,429 | ---- | M] (No23) -- C:\Dokumente und Einstellungen\Gaby\Desktop\No23Recorder.exe
[2010.08.25 16:52:32 | 000,000,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\Verknüpfung mit __Musik.lnk
[2010.08.25 12:22:02 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\CCleaner.lnk
[2010.08.17 23:21:49 | 000,016,747 | ---- | M] () -- E:\_gaby\Mappe1.xlsx
[2010.08.17 13:20:37 | 000,001,347 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\E443X My Documents.LNK
[2010.08.17 10:59:20 | 000,000,734 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\JDownloader.lnk
[2010.08.17 07:53:09 | 000,001,968 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech Harmony Remote Software 7.lnk
[2010.08.17 07:28:24 | 000,212,613 | ---- | M] () -- E:\_gaby\Tuchfabrik.jpg
[2010.08.17 07:28:24 | 000,003,270 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\.recently-used.xbel
[2010.08.16 17:30:30 | 000,142,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.08.14 22:06:26 | 000,001,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\NMM-MetaData.db
[2010.08.14 21:12:57 | 000,455,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.11 06:51:26 | 000,000,690 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.11 06:51:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.11 06:51:26 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010.08.03 22:57:36 | 000,290,816 | ---- | M] () -- E:\_gaby\Datenbank1.accdb
[2010.08.03 20:53:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.03 20:53:51 | 000,005,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.03 20:28:36 | 000,000,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Gaby\default.pls
========== Files Created - No Company Name ==========
[2010.08.28 16:55:20 | 000,000,682 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.28 07:20:48 | 000,343,812 | ---- | C] () -- E:\_gaby\AnleitungzuTheWork.pdf
[2010.08.28 07:20:24 | 000,200,546 | ---- | C] () -- E:\_gaby\Arbeitsblatt_UntersucheEineUberzeugung.pdf
[2010.08.28 07:20:10 | 000,294,091 | ---- | C] () -- E:\_gaby\Arbeitsblatt_UrteileUberDeinenNachsten.pdf
[2010.08.26 10:33:15 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\i4z2btbu.exe
[2010.08.25 17:44:35 | 000,002,541 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\HiJackThis.lnk
[2010.08.25 16:52:32 | 000,000,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\Verknüpfung mit __Musik.lnk
[2010.08.25 12:22:02 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\CCleaner.lnk
[2010.08.17 23:21:49 | 000,016,747 | ---- | C] () -- E:\_gaby\Mappe1.xlsx
[2010.08.17 13:20:37 | 000,001,347 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\E443X My Documents.LNK
[2010.08.17 10:59:20 | 000,000,734 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Desktop\JDownloader.lnk
[2010.08.17 07:53:09 | 000,001,968 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Logitech Harmony Remote Software 7.lnk
[2010.08.17 07:28:24 | 000,212,613 | ---- | C] () -- E:\_gaby\Tuchfabrik.jpg
[2010.08.17 07:28:24 | 000,003,270 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\.recently-used.xbel
[2010.08.14 22:06:26 | 000,001,960 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\NMM-MetaData.db
[2010.08.03 22:55:52 | 000,290,816 | ---- | C] () -- E:\_gaby\Datenbank1.accdb
[2010.08.03 20:51:19 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.08.03 20:51:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.08.03 20:51:18 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010.08.03 20:51:17 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010.08.03 20:51:17 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.08.03 20:51:17 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.08.03 20:51:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.08.03 20:51:15 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.08.03 20:51:15 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.08.03 20:25:37 | 000,005,120 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.31 06:56:44 | 000,000,766 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Will.ico
[2010.03.31 06:56:43 | 002,428,501 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Fontinfo.hlp
[2010.03.12 07:46:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.03.12 07:46:20 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.03.12 07:46:15 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Gaby\Anwendungsdaten\$_hpcst$.hpc
[2010.02.28 22:17:41 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.02.28 13:51:12 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.08.14 13:23:01 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2009.07.11 18:32:15 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.06.11 21:58:47 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009.06.11 21:58:47 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009.06.11 21:56:39 | 000,003,254 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2009.06.11 21:56:39 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009.06.11 21:54:17 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2009.06.11 21:53:38 | 000,013,143 | ---- | C] () -- C:\WINDOWS\hpclj2550.ini
[2009.05.27 21:11:19 | 000,000,184 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009.05.07 09:27:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\W2KUSBIF.DLL
[2009.05.07 09:27:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\spusbif.dll
[2009.05.07 09:27:35 | 000,001,593 | ---- | C] () -- C:\WINDOWS\System32\portex16.dll
[2009.04.23 21:04:52 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.04.22 11:17:15 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009.02.05 17:52:28 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.02.05 17:52:12 | 000,021,940 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.02.05 17:52:11 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.01.21 18:08:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.21 18:08:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.21 18:08:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.21 18:08:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.12 02:28:15 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\WebRecDLg.dll
[2008.05.26 22:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.10.11 19:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004.03.03 08:59:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\HPB2550V.DLL
[2002.03.21 01:38:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lame.dll
[2002.03.21 00:38:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\Recapr.dll
[2002.03.21 00:38:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2001.07.31 05:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
< End of report > OTL-Extra-Log Code:
OTL Extras logfile created on: 29.08.2010 13:02:59 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\Gaby\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,72 Gb Total Space | 129,87 Gb Free Space | 86,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Drive F: | 967,22 Mb Total Space | 773,02 Mb Free Space | 79,92% Space Free | Partition Type: FAT
Drive G: | 991,22 Mb Total Space | 990,95 Mb Free Space | 99,97% Space Free | Partition Type: FAT
Drive H: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive U: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Computer Name: NEUERPCKELLER
Current User Name: Gaby
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523DF39E-DF7D-488F-8022-783946571031}" = Nero 8 Essentials
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{7ABD6243-A825-46AE-B1B4-B5AE845AA7A9}" = hp color LaserJet 2550 series
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90B5E602-1867-449D-86FD-FC9DEA4434BF}" = HP Software Update
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DC627AE5-A2B1-4D16-AF56-178D10EC3E81}" = KeyMan V4.0 Build 5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"3D MP3 Recorder 3.5_is1" = 3D MP3 Recorder 3.5
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alte Schriften" = Alte Schriften
"Audacity_is1" = Audacity 1.2.4
"AudibleManager" = AudibleManager
"AVIcodec" = AVIcodec (remove only)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Windows-Treiberpaket - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Windows-Treiberpaket - Nokia Modem (02/23/2009 7.01.0.2)
"ESET Online Scanner" = ESET Online Scanner v3
"Exact Audio Copy" = Exact Audio Copy 0.95b4
"FreePDF_XP" = FreePDF XP (Remove only)
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"lvdrivers_11.50" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medion GoPal Assistant" = Medion GoPal Assistant 4.03.003
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PROR" = Microsoft Office Professional 2007
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Samsung MFP 560 Series" = Samsung MFP 560 Series
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"STANDARD" = Microsoft Office Standard 2007
"Ulead GIF Animator Lite Edition 1.0" = Ulead GIF Animator Lite Edition 1.0
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.07.2010 16:18:44 | Computer Name = NEUERPCKELLER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung bluesoleil.exe, Version 2.7.0.35, fehlgeschlagenes
Modul bluesoleil.exe, Version 2.7.0.35, Fehleradresse 0x00096226.
Error - 27.07.2010 15:41:19 | Computer Name = NEUERPCKELLER | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Anwendung, SystemIndex Katalog
Error - 28.07.2010 13:00:11 | Computer Name = NEUERPCKELLER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 28.07.2010 13:00:11 | Computer Name = NEUERPCKELLER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 30.07.2010 13:39:46 | Computer Name = NEUERPCKELLER | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Anwendung, SystemIndex Katalog
Error - 02.08.2010 10:19:29 | Computer Name = NEUERPCKELLER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6535.5005, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 02.08.2010 10:43:39 | Computer Name = NEUERPCKELLER | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 14.08.2010 15:13:44 | Computer Name = NEUERPCKELLER | Source = ESENT | ID = 490
Description = svchost (1140) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 28.08.2010 10:47:43 | Computer Name = NEUERPCKELLER | Source = ESENT | ID = 490
Description = svchost (1140) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
[ System Events ]
Error - 29.08.2010 07:04:11 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:11 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:13 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:13 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:14 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:17 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:17 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
< End of report > RootRepeal-Log Code:
OTL Extras logfile created on: 29.08.2010 13:02:59 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\Gaby\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,72 Gb Total Space | 129,87 Gb Free Space | 86,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Drive F: | 967,22 Mb Total Space | 773,02 Mb Free Space | 79,92% Space Free | Partition Type: FAT
Drive G: | 991,22 Mb Total Space | 990,95 Mb Free Space | 99,97% Space Free | Partition Type: FAT
Drive H: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive U: | 148,37 Gb Total Space | 89,28 Gb Free Space | 60,17% Space Free | Partition Type: NTFS
Computer Name: NEUERPCKELLER
Current User Name: Gaby
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523DF39E-DF7D-488F-8022-783946571031}" = Nero 8 Essentials
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{7ABD6243-A825-46AE-B1B4-B5AE845AA7A9}" = hp color LaserJet 2550 series
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90B5E602-1867-449D-86FD-FC9DEA4434BF}" = HP Software Update
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DC627AE5-A2B1-4D16-AF56-178D10EC3E81}" = KeyMan V4.0 Build 5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"3D MP3 Recorder 3.5_is1" = 3D MP3 Recorder 3.5
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alte Schriften" = Alte Schriften
"Audacity_is1" = Audacity 1.2.4
"AudibleManager" = AudibleManager
"AVIcodec" = AVIcodec (remove only)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Windows-Treiberpaket - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Windows-Treiberpaket - Nokia Modem (02/23/2009 7.01.0.2)
"ESET Online Scanner" = ESET Online Scanner v3
"Exact Audio Copy" = Exact Audio Copy 0.95b4
"FreePDF_XP" = FreePDF XP (Remove only)
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"lvdrivers_11.50" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medion GoPal Assistant" = Medion GoPal Assistant 4.03.003
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PROR" = Microsoft Office Professional 2007
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Samsung MFP 560 Series" = Samsung MFP 560 Series
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"STANDARD" = Microsoft Office Standard 2007
"Ulead GIF Animator Lite Edition 1.0" = Ulead GIF Animator Lite Edition 1.0
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.07.2010 16:18:44 | Computer Name = NEUERPCKELLER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung bluesoleil.exe, Version 2.7.0.35, fehlgeschlagenes
Modul bluesoleil.exe, Version 2.7.0.35, Fehleradresse 0x00096226.
Error - 27.07.2010 15:41:19 | Computer Name = NEUERPCKELLER | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Anwendung, SystemIndex Katalog
Error - 28.07.2010 13:00:11 | Computer Name = NEUERPCKELLER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 28.07.2010 13:00:11 | Computer Name = NEUERPCKELLER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 30.07.2010 13:39:46 | Computer Name = NEUERPCKELLER | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Anwendung, SystemIndex Katalog
Error - 02.08.2010 10:19:29 | Computer Name = NEUERPCKELLER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6535.5005, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 02.08.2010 10:43:39 | Computer Name = NEUERPCKELLER | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 14.08.2010 15:13:44 | Computer Name = NEUERPCKELLER | Source = ESENT | ID = 490
Description = svchost (1140) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 28.08.2010 10:47:43 | Computer Name = NEUERPCKELLER | Source = ESENT | ID = 490
Description = svchost (1140) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
[ System Events ]
Error - 29.08.2010 07:04:11 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:11 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:13 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:13 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:14 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:15 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:17 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 29.08.2010 07:04:17 | Computer Name = NEUERPCKELLER | Source = Service Control Manager | ID = 7001
Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
< End of report > Ich wünsche einen guten Start in die neue Woche.
Liebe Grüße
Gaby |