Ich habe keine Ahnung ob er die Datei ausgeführt hat. Habe jedenfalls die .zip Datei in meiner Downloadchronik gesehen und dann das Archiv gelöscht.
OTL Code:
OTL logfile created on: 11.11.2010 19:38:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\xxx\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 6,20 Gb Free Space | 8,31% Space Free | Partition Type: NTFS
Drive E: | 73,06 Gb Total Space | 8,66 Gb Free Space | 11,86% Space Free | Partition Type: NTFS
Computer Name: xxx-1337 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\xxx\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avscan.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Programme\mIRC\mirc.exe (mIRC Co. Ltd.)
PRC - C:\Programme\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
========== Modules (SafeList) ==========
MOD - C:\Users\xxx\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe File not found
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (FAH@E:+Games+Ubisoft+Far Cry 2+bin+FAH.exe) -- E:\Games\Ubisoft\Far Cry 2\bin\FAH.exe (Stanford University)
SRV - (CTUPnPSv) -- C:\Programme\Creative\Creative Centrale\CTUPnPSv.exe (Creative Technology Ltd)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (CTDevice_Srv) -- C:\Programme\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV - (vsdatant7) -- C:\Windows\System32\drivers\vsdatant.win7.sys File not found
DRV - (TpChoice) -- C:\Windows\System32\DRIVERS\TpChoice.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (igfx) -- C:\Windows\System32\DRIVERS\igdkmd32.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (vcool) -- C:\Windows\System32\vcool.sys (MPET)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (NDNdisprot) -- C:\Windows\System32\drivers\NDNdisprot.sys (Windows (R) 2000 DDK provider)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-21-473296999-2068794454-1557303209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qip.ru
IE - HKU\S-1-5-21-473296999-2068794454-1557303209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-473296999-2068794454-1557303209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-473296999-2068794454-1557303209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/c/00/00/04/46.html"
FF - prefs.js..network.proxy.http: "116.52.155.237"
FF - prefs.js..network.proxy.http_port: 8080
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.01 14:45:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 12:55:22 | 000,000,000 | ---D | M]
[2008.09.03 17:42:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2010.11.11 18:08:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions
[2010.05.13 11:22:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.13 11:22:05 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.05.13 11:22:06 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.05.13 11:22:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.08 12:24:49 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\DeviceDetection@logitech.com
[2010.09.14 19:07:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ndzgttig.xxx\extensions\spam@trashmail.net
[2009.07.24 12:21:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\nuubgyo1.default\extensions
[2008.06.14 08:38:09 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\nuubgyo1.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2008.06.14 08:38:04 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\nuubgyo1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.02.01 19:29:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\nuubgyo1.default\extensions\firefox@tvunetworks.com
[2009.06.05 16:36:08 | 000,000,945 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\FireFox\Profiles\nuubgyo1.default\searchplugins\youtube-videosuche.xml
[2010.11.11 18:08:59 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.24 13:52:33 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.24 13:52:33 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.24 13:52:33 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.24 13:52:33 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.24 13:52:33 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.10.18 03:13:08 | 000,000,794 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 download.qip.ru
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-473296999-2068794454-1557303209-1000..\Run: [DAEMON Tools] C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-473296999-2068794454-1557303209-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.03 23:03:11 | 000,000,000 | ---D | M] - E:\Automap -- [ NTFS ]
O33 - MountPoints2\{190889dd-13f1-11df-b2de-001b38aa8d2e}\Shell - "" = AutoRun
O33 - MountPoints2\{190889dd-13f1-11df-b2de-001b38aa8d2e}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O33 - MountPoints2\{7d9c49aa-b61d-11dc-b7bf-001b38aa8d2e}\Shell - "" = AutoRun
O33 - MountPoints2\{7d9c49aa-b61d-11dc-b7bf-001b38aa8d2e}\Shell\AutoRun\command - "" = D:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe - ()
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Ask and Record FLV Service - hkey= - key= - C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
MsConfig - StartUpReg: AVMWlanClient - hkey= - key= - C:\Program Files\avmwlanstick\FRITZWLANMini.exe File not found
MsConfig - StartUpReg: Desktop SMS - hkey= - key= - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: HSON - hkey= - key= - File not found
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: KeNotify - hkey= - key= - C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
MsConfig - StartUpReg: NDSTray.exe - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: SmoothView - hkey= - key= - File not found
MsConfig - StartUpReg: SoftAuto.exe - hkey= - key= - C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: Steam - hkey= - key= - e:\games\steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SVPWUTIL - hkey= - key= - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: topi - hkey= - key= - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
MsConfig - StartUpReg: Toshiba Registration - hkey= - key= - C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
MsConfig - StartUpReg: TPwrMain - hkey= - key= - File not found
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.11.11 19:35:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.27 15:42:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.27 15:42:19 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.14 12:28:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 00:09:50 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 00:09:08 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 00:08:29 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 00:08:23 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 00:08:23 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 00:08:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 00:08:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.14 00:08:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 00:08:21 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 00:08:21 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 00:08:21 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 00:08:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.14 00:08:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.14 00:08:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.14 00:08:20 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 00:08:20 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.14 00:08:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.14 00:08:20 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 00:08:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 00:08:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 00:08:16 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 00:08:16 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 00:08:13 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 00:08:11 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.11 19:04:40 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 19:04:40 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 19:00:08 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.11.11 18:11:14 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E7D60EDB-4781-494E-909A-48A901A7EFA7}.job
[2010.11.11 18:06:10 | 000,000,553 | ---- | M] () -- C:\Users\xxx\Downloads\Documents\Meine freigegebenen Ordner.lnk
[2010.11.11 16:07:26 | 000,628,668 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.11 16:07:26 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.11 16:07:26 | 000,126,442 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.11 16:07:26 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.11 13:04:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.11 13:03:21 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.10 11:55:33 | 000,010,795 | ---- | M] () -- C:\Users\xxx\Desktop\Bericht Praktikum.odt
[2010.11.06 01:33:22 | 000,000,598 | ---- | M] () -- C:\Users\xxx\Desktop\CoreTemp.ini
[2010.10.18 03:10:04 | 000,003,349 | ---- | M] () -- C:\Users\xxx\Desktop\Config.ini
[2010.10.14 16:59:29 | 000,274,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.10 11:55:32 | 000,010,795 | ---- | C] () -- C:\Users\xxx\Desktop\Bericht Praktikum.odt
[2010.10.18 03:10:26 | 000,003,349 | ---- | C] () -- C:\Users\xxx\Desktop\Config.ini
[2010.09.18 12:59:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010.05.13 19:29:00 | 000,017,408 | ---- | C] () -- C:\Users\xxx\AppData\Local\WebpageIcons.db
[2010.03.08 19:00:56 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll
[2009.02.19 21:27:31 | 000,000,600 | ---- | C] () -- C:\Users\xxx\AppData\Local\PUTTY.RND
[2009.02.05 23:49:06 | 000,000,023 | ---- | C] () -- C:\Windows\System32\sysmwwod.dll
[2008.10.27 19:59:35 | 000,022,328 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\PnkBstrK.sys
[2008.10.18 23:01:18 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.10.08 17:08:21 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008.10.04 21:06:16 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2008.09.28 19:11:57 | 000,000,016 | -H-- | C] () -- C:\Programme\Common Files\mxfilerelatedcache.mxc2
[2008.08.16 14:04:59 | 000,000,258 | ---- | C] () -- C:\Windows\kaillera.ini
[2008.07.08 20:43:01 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2008.06.17 21:32:18 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008.05.13 14:51:04 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.05.13 14:24:36 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2008.04.28 21:59:14 | 000,020,480 | ---- | C] () -- C:\Windows\System32\H@tKeysH@@k.DLL
[2008.04.28 20:39:38 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008.01.24 23:09:37 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.01.24 22:09:48 | 000,020,992 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.31 14:05:52 | 000,000,016 | -H-- | C] () -- C:\Users\xxx\AppData\Roaming\mxfilerelatedcache.mxc2
[2007.12.31 14:05:52 | 000,000,016 | -H-- | C] () -- C:\Users\xxx\AppData\Local\mxfilerelatedcache.mxc2
[2007.12.29 14:55:52 | 000,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007.12.25 02:26:22 | 000,001,356 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2007.12.25 02:21:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.07.12 09:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.07.12 09:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.07.12 09:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.07.12 09:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.07.12 09:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.07.12 09:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.07.12 09:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.04.16 07:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.04.16 07:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.04.16 06:26:26 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.04.16 06:26:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.04.16 06:26:26 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.04.16 06:26:26 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.04.16 06:23:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.04.16 05:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.12.05 12:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.23 13:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 20:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2008.10.15 19:04:01 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dev-Cpp
[2010.03.08 18:48:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FlashGet
[2008.08.16 13:53:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\fltk.org
[2008.03.24 23:49:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GMX
[2008.01.05 13:44:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ICQ
[2009.04.28 15:59:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2008.10.23 22:25:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Miranda
[2008.11.11 16:20:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\QIP
[2009.03.11 22:15:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Remere's Map Editor
[2010.02.25 19:53:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sports Interactive
[2010.09.25 10:40:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2009.04.10 17:20:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\temp
[2009.03.12 17:47:49 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Tibia
[2009.10.28 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2009.07.31 22:17:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2010.07.09 14:33:01 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\wsIRC
[2010.11.11 19:00:08 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2010.11.11 00:16:21 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.11 18:11:14 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E7D60EDB-4781-494E-909A-48A901A7EFA7}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.08.06 21:53:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Adobe
[2008.01.03 13:43:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AdobeUM
[2010.08.09 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Apple Computer
[2007.12.24 19:23:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ATI
[2009.05.14 18:27:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AVS4YOU
[2009.10.13 15:03:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Creative
[2008.10.15 19:04:01 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dev-Cpp
[2008.10.23 22:29:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Digsby
[2010.09.04 14:30:16 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DivX
[2010.08.11 20:20:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\dvdcss
[2010.03.08 18:48:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FlashGet
[2008.08.16 13:53:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\fltk.org
[2008.03.24 23:49:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GMX
[2008.05.05 13:51:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Hamachi
[2008.01.05 13:44:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ICQ
[2007.12.24 19:22:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Identities
[2007.12.24 19:20:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\InstallShield
[2009.04.28 15:59:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2008.01.24 23:03:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Media Center Programs
[2008.01.24 22:47:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Media Player Classic
[2008.10.13 16:53:18 | 000,000,000 | --SD | M] -- C:\Users\xxx\AppData\Roaming\Microsoft
[2008.10.23 22:25:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Miranda
[2010.11.11 18:13:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mIRC
[2008.09.03 17:42:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mozilla
[2010.11.11 18:09:52 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org2
[2008.11.11 16:20:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\QIP
[2009.03.11 22:15:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Remere's Map Editor
[2010.04.26 15:38:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Skype
[2010.04.26 15:08:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\skypePM
[2010.02.25 19:53:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Sports Interactive
[2009.10.10 18:08:13 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\teamspeak2
[2010.09.25 10:40:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2009.04.10 17:20:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\temp
[2009.03.12 17:47:49 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Tibia
[2009.10.28 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2009.07.31 22:17:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2008.07.09 16:07:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\vlc
[2008.04.19 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Winamp
[2007.12.28 18:16:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WinRAR
[2010.07.09 14:33:01 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\wsIRC
< %APPDATA%\*.exe /s >
[2009.10.23 14:24:27 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\xxx\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2008.03.17 02:27:34 | 000,010,134 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{31DABA20-10A1-4746-9D9F-57955B8DFF66}\ARPPRODUCTICON.exe
[2009.08.15 17:58:21 | 000,045,126 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{67E9E6C6-ECEF-4195-B719-8788754297C6}\_6A96DE5FCD56A19D363F54.exe
[2009.08.15 17:58:21 | 000,045,126 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{67E9E6C6-ECEF-4195-B719-8788754297C6}\_6FEFF9B68218417F98F549.exe
[2008.08.17 23:21:52 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2008.08.17 23:21:52 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2008.08.17 23:21:53 | 000,008,854 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
[2008.08.16 18:35:49 | 000,010,134 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}\ARPPRODUCTICON.exe
[2008.08.16 18:35:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}\NewShortcut1_B42B3158C8D04DD98E5DC02FE29A1BD3.exe
[2008.08.16 18:35:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}\NewShortcut2_B42B3158C8D04DD98E5DC02FE29A1BD3.exe
[2008.02.16 20:56:50 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}\NewShortcut3_B42B3158C8D04DD98E5DC02FE29A1BD3.exe
[2008.08.16 18:35:50 | 000,008,854 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}\UNINST_Uninstall_Bla_B42B3158C8D04DD98E5DC02FE29A1BD3.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: AHCIX86S.SYS >
[2007.12.19 23:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\ATI\SUPPORT\8-3_vista32_dd_ccc_wdm_enu_59752\Driver\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys
[2006.12.29 00:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) MD5=67740F91B47434CC6173A35667A4BA66 -- C:\ATI\SUPPORT\7-12_vista32_dd_ccc_wdm_enu_55816\Driver\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2006.12.29 00:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) MD5=67740F91B47434CC6173A35667A4BA66 -- C:\ATI\SUPPORT\8-3_vista32_dd_ccc_wdm_enu_59752\Driver\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 03:08:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 03:08:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 03:08:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.12.25 03:16:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.12.25 03:16:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007.02.12 13:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.02.12 13:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Toshiba\Drivers\Robson\Winall\Driver64\IaStor.sys
[2007.02.12 13:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\iaStor.sys
[2007.02.12 13:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Toshiba\Drivers\Robson\Winall\Driver\iaStor.sys
[2007.02.12 13:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.02.12 13:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: KR10N.SYS >
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10i\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10n\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\drivers\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_95888b8d\KR10N.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2007.07.12 19:54:41 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2007.07.12 19:54:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.12.29 14:55:52 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
[2010.05.15 15:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) Unable to obtain MD5 -- C:\Windows\System32\drivers\vsdatant.sys
< %systemroot%\System32\config\*.sav >
[2007.04.13 11:11:59 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.04.13 11:11:57 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.04.13 11:11:59 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.04.13 11:12:07 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.04.13 11:12:08 | 006,008,832 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.19 08:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.19 08:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C895616B
< End of report >
Extras Code:
OTL Extras logfile created on: 11.11.2010 19:38:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\xxx\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 6,20 Gb Free Space | 8,31% Space Free | Partition Type: NTFS
Drive E: | 73,06 Gb Total Space | 8,66 Gb Free Space | 11,86% Space Free | Partition Type: NTFS
Computer Name: xxx-1337 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-473296999-2068794454-1557303209-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F6C8CF1-D1AB-45F2-9CF7-8D1025CFE956}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18EAA3A4-371F-46A2-8BDA-B3EFC1BA7D50}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42DCAEA8-3BC4-4C64-BEF2-BF55B6E2299B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4843A8FD-7234-4B9E-BDD2-7E6300CA6216}" = lport=2869 | protocol=6 | dir=in | app=system |
"{50C1857A-1401-47F7-A7D0-04766E61D2CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{62C5E30D-D86D-41BD-A8A7-E3CD2095CB43}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9285FDB0-C6DE-4C10-8E7A-6AF1A2AF5F05}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FCE3E46A-D313-4FD5-B6F2-54746B0C9861}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04487FCC-19DD-43FE-93E1-C2F6BF6BA14B}" = protocol=17 | dir=in | app=e:\games\konami\pro evolution soccer 2008\pes2008.exe |
"{09D9F604-0523-4420-B69F-7BC40F5143B6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0E8811C7-E254-472A-A893-2EB8203B6985}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{11ADC545-E0D0-4947-A7C3-A04646C64393}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{17172374-BBA6-4524-BF23-89AB1C47D520}" = protocol=6 | dir=in | app=e:\games\steam\steam.exe |
"{2385A010-96A7-4F5B-A5D9-A67EACFE3838}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{289A1B4A-DCE2-4DB2-8427-6ED66F49AC2E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\xxxr\counter-strike source\hl2.exe |
"{38D7B929-6460-4F07-8938-AAE264149E42}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4C3E2DC4-54A8-43B4-BBE4-0D0B16298D57}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4D53B353-C5E2-4465-8084-37A14B398568}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{52BEB421-DBF1-489D-819D-178842E6C7DA}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{5BC784CA-9226-4F3C-AA2A-A7EDDC74CD24}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{60C65981-02A0-4704-A3C3-9A2EC8968797}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe |
"{6CDDAC8A-15EB-4B4E-889D-3C2F2A269628}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\xxxr\counter-strike source\hl2.exe |
"{7043E32A-B500-44CC-AF94-CC67B008A076}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{71DCE7AE-EB7A-4FB6-819E-470002C07A8C}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{73ACD2F0-3F9E-4FFD-B1DF-5DB630E98314}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{744FD514-5B6A-4878-B3BA-75D6B85E3CA3}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{85832AAF-2A41-4681-B2B1-5F3FE6E00684}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{9346E345-7AE3-47F8-8DAC-0971CF9EE8B6}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{948B8075-0367-4295-B453-B903E255AD17}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{9C271732-A71C-4738-BDEB-27D87F7C8CAF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A2A583CA-646A-4DB1-95C8-896917553BE3}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B10E60B9-007A-4F98-8D91-31BA7EB1435E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C0570A0C-A394-49B9-B694-5BF46479BAED}" = protocol=6 | dir=in | app=e:\games\konami\pro evolution soccer 2008\pes2008.exe |
"{C1D5C11F-CFDA-4A23-8018-FFF3AE774068}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C93C583B-4914-4E9C-8364-011B84EABF44}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C99689AE-91FA-4603-AB9E-BB7CEBFEF433}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CB8A538B-AB4E-4D91-9D43-87C6644BC04A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CF2E6AEC-B4A5-4C86-9BED-1BCCCED7BAD3}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{EE72763F-4197-41BD-995F-5057BE168B00}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{FD4FE1B7-735A-43C2-95B1-E96AE8E5B063}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{FFAA7548-3FB9-49F9-B757-90C3EF7C603C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{01BDDC00-AD39-4485-8696-9640158835C0}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{27DE1C69-E94C-4B43-AF9E-4FA15FFF9AA1}C:\program files\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"TCP Query User{32845F4E-5795-43B4-A7D2-C2C90DDDA115}C:\program files\jeak.de\qip 2005\qip.exe" = protocol=6 | dir=in | app=c:\program files\jeak.de\qip 2005\qip.exe |
"TCP Query User{4E7EA3EA-7DB7-4A01-92E8-03C0EED111E2}C:\program files\jeak.de\qip 2005\qip.exe" = protocol=6 | dir=in | app=c:\program files\jeak.de\qip 2005\qip.exe |
"TCP Query User{C6B0CCBD-192C-45C1-96D1-EE01F2DACCC5}E:\games\steam\steamapps\michi500000@hotmail.com\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\michi500000@hotmail.com\counter-strike source\hl2.exe |
"TCP Query User{E4F333BA-98D8-492B-B5FB-983BA029C494}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{0E15D0A3-FA9A-4DA1-821A-BB0CE3EA2E33}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{2828CF6B-46AA-46C7-A5FB-559179CA0096}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{3D1EFFC0-E269-4D94-A2BC-789B2A4D232F}C:\program files\jeak.de\qip 2005\qip.exe" = protocol=17 | dir=in | app=c:\program files\jeak.de\qip 2005\qip.exe |
"UDP Query User{61CB86D9-295E-4737-8C50-9683B2C4B89F}E:\games\steam\steamapps\michi500000@hotmail.com\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\michi500000@hotmail.com\counter-strike source\hl2.exe |
"UDP Query User{B69D898F-5982-48EC-B7EF-C9930F9F4A6B}C:\program files\jeak.de\qip 2005\qip.exe" = protocol=17 | dir=in | app=c:\program files\jeak.de\qip 2005\qip.exe |
"UDP Query User{CFB6B010-0194-4C3D-863A-B8D371974CFE}C:\program files\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0CA13800-EF17-741F-08BA-53F26908C8A8}" = ccc-utility
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{11F6F2C9-4215-4CDF-8763-4BBDDDEAD601}" = Remere's Map Editor
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14B78489-B0E7-4B36-FFFD-9E6BB1C9B14E}" = Catalyst Control Center Graphics Full New
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2202F1B7-3749-BFCD-6794-18C50307D3CA}" = Catalyst Control Center Graphics Previews Vista
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{25E37249-2688-07EA-A892-C4F53EB86B22}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4E5901EE-4746-88ED-3771-915CCCFB17D2}" = Catalyst Control Center Core Implementation
"{4F83393E-0105-0CA0-B0A1-423328E1B9D0}" = ATI Catalyst Install Manager
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{67E9E6C6-ECEF-4195-B719-8788754297C6}" = inSSIDer
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{848F3E88-B442-06C0-B0C5-1DB8F1AEFD0C}" = Catalyst Control Center Graphics Full Existing
"{84FC6FDC-D076-BCB0-BC67-891A548AB4CA}" = ccc-core-static
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{90840407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9D986E6C-E3FA-17C5-11D4-C1B6B65B1284}" = Catalyst Control Center Graphics Light
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B42B3158-C8D0-4DD9-8E5D-C02FE29A1BD3}" = Blackd Proxy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BE6817F6-6CC1-9934-3DE4-BADA9471BCBD}" = Catalyst Control Center Graphics Previews Common
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D20559F7-7755-4811-BCD5-7F344BEC2215}" = QIP Infium 9040 Jeak-Edition
"{DB1440A2-8DE5-8ACF-4FD7-4DE42128CF5A}" = Catalyst Control Center Localization German
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E5D1C4D5-1ECD-E689-FFCF-96D1FE7697FC}" = Skins
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"7-Zip" = 7-Zip 4.58 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"ClearSkinFX for Digital Cameras_is1" = ClearSkinFX for Digital Cameras
"Creative Centrale" = Creative Centrale
"Creative Removable Disk Manager" = Creative-Manager für Wechseldatenträger
"DivX Setup.divx.com" = DivX-Setup
"D-Link VGA Webcam" = D-Link VGA Webcam
"EADM" = EA Download Manager
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"FUSSBALL MANAGER 08" = FUSSBALL MANAGER 08
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"Guardian Of Data_is1" = Guardian Of Data v2.1
"ImageMagick 6.5.0 Q16_is1" = ImageMagick 6.5.0-0 Q16 (2009-03-15)
"InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MediaMonkey_is1" = MediaMonkey 3.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"mIRC" = mIRC
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"myphotobook" = myphotobook 3.1
"No-IP.com DUC" = No-IP.com DUC (remove only)
"OJOsoft Total Video Converter2.0.0.0430" = OJOsoft Total Video Converter
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"QIP 2005 8092 Jeak-Edition" = QIP 2005 8092 Jeak-Edition
"QIP 8070 Jeak Edition" = QIP 8070 Jeak Edition
"QIP2005" = QIP 2005 Uninstall
"Replay Media Catcher 3.11" = Replay Media Catcher
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 5" = TeamViewer 5
"Tibia Auto" = NSIS Example2
"Tibia_is1" = Tibia
"TMIPC" = Tibia MULTI-ip changer
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Trillian" = Trillian
"VCool" = VCool 1.7
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinRAR archiver" = WinRAR
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
"ZENMozaicUG" = Creative ZEN Mozaic-Benutzerhandbuch
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 8.4
"ZoneAlarm" = ZoneAlarm
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-473296999-2068794454-1557303209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8092
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.11.2010 17:05:34 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.11.2010 17:05:34 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.11.2010 17:05:51 | Computer Name = xxx-1337 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 05:30:44 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.11.2010 05:30:44 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.11.2010 05:31:01 | Computer Name = xxx-1337 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 08:04:40 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 11.11.2010 08:04:40 | Computer Name = xxx-1337 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 11.11.2010 08:04:56 | Computer Name = xxx-1337 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 11.11.2010 14:36:49 | Computer Name = xxx-1337 | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.17.3 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 136c Anfangszeit: 01cb81ce813177e0 Zeitpunkt der Beendigung:
987
[ System Events ]
Error - 09.11.2010 19:21:29 | Computer Name = xxx-1337 | Source = DCOM | ID = 10010
Description =
Error - 10.11.2010 05:30:43 | Computer Name = xxx-1337 | Source = HTTP | ID = 15016
Description =
Error - 10.11.2010 05:31:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
Error - 10.11.2010 05:31:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
Error - 10.11.2010 05:31:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
Error - 10.11.2010 19:15:46 | Computer Name = xxx-1337 | Source = DCOM | ID = 10010
Description =
Error - 11.11.2010 08:04:30 | Computer Name = xxx-1337 | Source = HTTP | ID = 15016
Description =
Error - 11.11.2010 08:05:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
Error - 11.11.2010 08:05:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
Error - 11.11.2010 08:05:07 | Computer Name = xxx-1337 | Source = Service Control Manager | ID = 7000
Description =
[ TuneUp Events ]
Error - 28.10.2009 08:52:25 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 13:52:25', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','2012',0)
Error - 28.10.2009 08:57:12 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 13:57:12', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','5068',0)
Error - 28.10.2009 08:57:32 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 13:57:32', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','5712',0)
Error - 28.10.2009 09:01:48 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 14:01:48', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','6020',0)
Error - 28.10.2009 09:06:07 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 14:06:07', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','4620',0)
Error - 28.10.2009 09:07:27 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 14:07:27', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','2364',0)
Error - 28.10.2009 18:04:49 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-28 23:04:49', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','6632',0)
Error - 28.10.2009 20:04:51 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-29 01:04:50', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','5596',0)
Error - 28.10.2009 20:17:02 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-29 01:17:02', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','3596',0)
Error - 29.10.2009 15:59:45 | Computer Name = xxx-1337 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-10-29 20:59:45', '\device\harddiskvolume2\program
files\remere's map editor\rme.exe','5512',0)
< End of report >
|
