Haltstop | 23.12.2011 23:15 | hier die OTL.txt
OTL Logfile: Code:
OTL logfile created on: 23.12.2011 22:48:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\x\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 75,01% Memory free
3,35 Gb Paging File | 2,92 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 18,17 Gb Free Space | 7,80% Space Free | Partition Type: NTFS
Computer Name: x | User Name: x | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.23 22:41:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\x\Eigene Dateien\Downloads\OTL.exe
PRC - [2011.12.23 22:25:52 | 000,177,664 | ---- | M] () -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8\00001.exe
PRC - [2011.12.21 18:31:12 | 000,293,376 | ---- | M] () -- C:\Programme\LP\0152\38A.exe
PRC - [2011.12.21 17:04:29 | 000,193,536 | ---- | M] () -- C:\Programme\E86F1\lvvm.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.27 18:10:37 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
PRC - [2011.04.08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.03.13 15:53:20 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.07.16 09:51:34 | 000,138,584 | ---- | M] () -- C:\Programme\Mobile Partner Manager\UIExec.exe
PRC - [2009.08.13 17:02:34 | 000,357,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2009.08.13 16:37:56 | 001,573,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2009.08.13 16:37:44 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009.08.13 16:37:34 | 000,523,784 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDCountdown.exe
PRC - [2009.08.13 16:37:24 | 000,676,360 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.24 21:38:29 | 000,618,496 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\agent.exe
PRC - [2007.02.24 21:38:28 | 000,249,856 | ---- | M] (Macrovision Corporation) -- c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2005.08.11 15:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
PRC - [2005.07.07 18:12:38 | 000,491,520 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2005.04.14 21:52:16 | 000,262,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2005.03.11 12:48:54 | 000,217,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.23 22:25:52 | 000,177,664 | ---- | M] () -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8\00001.exe
MOD - [2011.12.21 18:31:12 | 000,293,376 | ---- | M] () -- C:\Programme\LP\0152\38A.exe
MOD - [2011.12.21 17:04:29 | 000,193,536 | ---- | M] () -- C:\Programme\E86F1\lvvm.exe
MOD - [2011.10.11 13:59:51 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.07.16 09:51:34 | 000,138,584 | ---- | M] () -- C:\Programme\Mobile Partner Manager\UIExec.exe
MOD - [2010.05.20 15:44:18 | 000,033,792 | ---- | M] () -- C:\Programme\D9632D4510F7416586DDE7104EFA9E09\QWS.dll
MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2009.01.09 17:10:52 | 000,139,264 | ---- | M] () -- C:\Programme\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008.06.20 17:02:46 | 000,247,296 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2004.10.01 14:13:24 | 000,045,056 | ---- | M] () -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll
MOD - [2004.09.22 10:09:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2003.07.29 15:33:26 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\TosHidAPI.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (RoxMediaDB)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.10.26 13:43:56 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.02.24 21:38:33 | 000,233,472 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxLiveShare.exe -- (RoxLiveShare)
SRV - [2007.02.24 21:38:25 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2007.02.24 21:35:44 | 001,531,904 | ---- | M] (The Firebird Project) [On_Demand | Stopped] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - [2011.12.10 13:30:42 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.10.07 12:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.20 14:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.01.18 11:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010.01.18 11:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010.01.18 11:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010.01.18 11:21:00 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.12.17 11:31:42 | 000,021,504 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Ndisprot.sys -- (Ndisprot)
DRV - [2009.08.06 19:18:53 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.06 19:18:52 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.07.14 14:35:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009.06.12 12:53:47 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2008.01.09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.12.11 14:46:42 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.12.10 14:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007.12.10 14:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007.12.10 14:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007.12.10 14:22:20 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017nd5.sys -- (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS)
DRV - [2007.12.10 14:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007.12.10 14:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007.12.10 14:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2007.06.25 10:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 10:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 10:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 10:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 10:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 10:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 10:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.05.30 19:15:08 | 000,013,184 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.04.03 12:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 12:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 12:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 12:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 12:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 12:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 12:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007.01.12 19:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006.11.10 08:47:18 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2Bunic.sys -- (se2Bunic) Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM)
DRV - [2006.11.10 08:47:10 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bobex.sys -- (SE2Bobex)
DRV - [2006.11.10 08:47:08 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2Bnd5.sys -- (se2Bnd5) Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS)
DRV - [2006.11.10 08:47:06 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmgmt.sys -- (SE2Bmgmt) Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.10 08:47:00 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmdm.sys -- (SE2Bmdm)
DRV - [2006.11.10 08:46:58 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmdfl.sys -- (SE2Bmdfl)
DRV - [2006.11.10 08:46:52 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bbus.sys -- (SE2Bbus) Sony Ericsson Device 043 Driver driver (WDM)
DRV - [2006.09.18 13:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.09.18 13:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.09.18 13:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.09.18 13:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.18 13:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.09.18 13:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.09.18 13:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.07.10 17:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 13:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.28 16:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.06.14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.05.17 12:00:00 | 000,040,960 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2005.10.22 06:05:00 | 000,311,680 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005.10.22 06:05:00 | 000,119,168 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2005.10.22 06:05:00 | 000,027,264 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005.10.22 06:05:00 | 000,027,136 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005.09.13 17:32:00 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.08.26 22:10:20 | 000,108,672 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.27 18:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005.04.06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005.03.30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005.03.04 18:15:54 | 000,077,072 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k600obex.sys -- (k600obex)
DRV - [2005.03.04 18:13:46 | 000,079,248 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k600mgmt.sys -- (k600mgmt)
DRV - [2005.03.04 18:11:26 | 000,087,456 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k600mdm.sys -- (k600mdm)
DRV - [2005.03.04 18:11:20 | 000,006,096 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k600mdfl.sys -- (k600mdfl)
DRV - [2005.03.04 18:08:50 | 000,052,384 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k600bus.sys -- (k600bus) Sony Ericsson 600i driver (WDM)
DRV - [2005.01.07 16:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.10.04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004.07.08 17:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2003.01.10 22:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002.10.16 13:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nb-town.de.dns.boreus.de/
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55939
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?o=13166&l=dis
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52364
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=119&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 55939
FF - prefs.js..network.proxy.type: 1
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.11.23 19:22:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.07.20 15:01:02 | 000,000,000 | ---D | M]
[2009.02.08 13:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Mozilla\Extensions
[2011.12.23 22:45:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Mozilla\Firefox\Profiles\z9gzau7d.default\extensions
[2010.11.15 16:21:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Mozilla\Firefox\Profiles\z9gzau7d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.23 22:45:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Mozilla\Firefox\Profiles\z9gzau7d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.11.23 22:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.08.14 15:16:17 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.11.23 19:22:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2011.10.04 21:23:30 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.04 21:23:30 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.04 21:23:30 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.04 21:23:30 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.02 22:58:32 | 000,002,520 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.04 21:23:30 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.04 21:23:30 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Programme\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
O2 - BHO: (QWBandToolBar) - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Programme\D9632D4510F7416586DDE7104EFA9E09\QWS.dll ()
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Programme\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (QWBandToolBar) - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Programme\D9632D4510F7416586DDE7104EFA9E09\QWS.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Programme\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Programme\Eazel-DE\prxtbEaz0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [38A.exe] C:\Programme\LP\0152\38A.exe ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Programme\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UIExec] C:\Programme\Mobile Partner Manager\UIExec.exe ()
O4 - HKLM..\Run: [YouTubeDownloader_upgrade] C:\Programme\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe (Internet Downloader)
O4 - HKU\S-1-5-19..\Run: [4Y3Y0C3AWF7XWI5WMADZPI] C:\Recycle.Bin\B6232F3A624.exe File not found
O4 - HKU\S-1-5-20..\Run: [4Y3Y0C3AWF7XWI5WMADZPI] C:\Recycle.Bin\B6232F3A624.exe File not found
O4 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
F3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007 WinNT: Load - (C:\Programme\E86F1\lvvm.exe) -C:\Programme\E86F1\lvvm.exe ()
F3 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011 WinNT: Load - (C:\Programme\E86F1\lvvm.exe) -C:\Programme\E86F1\lvvm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Dokumente und Einstellungen\x\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Dokumente und Einstellungen\ x\Desktop\PartyPoker.lnk ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - %SystemRoot%\system32\wshbth.dll File not found
O15 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007\..Trusted Domains: qword.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011\..Trusted Domains: qword.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} file://C:\F-Secure\ols\cd-db\fscax.cab (F-Secure Online Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Programme\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007 Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2236574890-561679509-3735063344-1007 Winlogon: Shell - (C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8\00001.exe) -C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8\00001.exe ()
O20 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011 Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2236574890-561679509-3735063344-1011 Winlogon: Shell - (C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8\00001.exe) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\x\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\x\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.21 20:53:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{207a2beb-e777-11df-84b4-00038a000015}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
O33 - MountPoints2\{3ffb4be8-8ffd-11de-8229-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{3ffb4be8-8ffd-11de-8229-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3ffb4be8-8ffd-11de-8229-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{3ffb4bea-8ffd-11de-8229-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{3ffb4bea-8ffd-11de-8229-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3ffb4bea-8ffd-11de-8229-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{69266794-1f24-11df-82f5-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{69266794-1f24-11df-82f5-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{69266794-1f24-11df-82f5-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{bbc19eaa-e713-11dd-80db-0009dd501a54}\Shell - "" = AutoRun
O33 - MountPoints2\{bbc19eaa-e713-11dd-80db-0009dd501a54}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bbc19eaa-e713-11dd-80db-0009dd501a54}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{da9471bc-e7af-11dd-80e1-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{da9471bc-e7af-11dd-80e1-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{da9471bc-e7af-11dd-80e1-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - Windows Messenger 5.1
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Nla - C:\WINDOWS\system32\mswsock.dll ()
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^F-Secure 2006 OEM.lnk - - File not found
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: AOLDialer - hkey= - key= - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (America Online, Inc)
MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= - C:\Programme\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
MsConfig - StartUpReg: F-Secure Manager - hkey= - key= - File not found
MsConfig - StartUpReg: F-Secure Startup Wizard - hkey= - key= - File not found
MsConfig - StartUpReg: F-Secure TNB - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\Msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: Muscbrigade - hkey= - key= - c:\Musicbrigade\Musicbrigade.exe ( )
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: QuickFinder Scheduler - hkey= - key= - C:\Programme\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Programme\Roxio\WinOnCD 8\Drag to Disc\DrgToDsc.exe (Sonic Solutions)
MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatchTray.exe ()
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - File not found
MsConfig - StartUpReg: Verknüpfung mit der High Definition Audio-Eigenschaftenseite - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\WINDOWS\System32\
[2011.12.23 22:27:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\searchqutoolbar
[2011.12.23 22:21:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Avira
[2011.12.23 22:19:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8
[2011.12.23 20:52:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serial.sys
[2011.12.22 22:29:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Sun
[2011.12.22 00:10:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia
[2011.12.21 18:07:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2011.12.21 18:04:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2011.12.21 17:02:52 | 000,000,000 | ---D | C] -- C:\Programme\E86F1
[2011.12.21 17:00:52 | 000,000,000 | ---D | C] -- C:\Programme\LP
[2010.11.03 19:42:51 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe1E.dll
[2009.02.12 21:04:07 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll
[2008.07.15 18:35:51 | 002,203,648 | ---- | C] (Bibliographisches Institut & F. A. Brockhaus AG) -- C:\Programme\officebib.exe
[2008.07.15 18:35:39 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Programme\msvcp71.dll
[2008.07.15 18:35:39 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\msvcr71.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\WINDOWS\System32\
[2011.12.23 22:31:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.23 22:29:47 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\x\defogger_reenable
[2011.12.23 22:18:55 | 000,206,444 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.12.23 22:18:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.23 16:00:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.23 16:00:14 | 2146,029,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.22 22:29:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.19 17:23:11 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2011.12.14 23:24:04 | 000,683,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.14 20:30:04 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.12 13:18:54 | 000,001,682 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011.12.10 15:20:04 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.12.10 15:20:04 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011.12.10 13:30:42 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.23 22:29:47 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\x\defogger_reenable
[2011.12.10 15:20:04 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011.12.10 15:20:04 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011.10.16 23:26:48 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.08.11 23:36:25 | 000,488,784 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.01.01 18:25:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.18 09:44:02 | 000,306,688 | ---- | C] () -- C:\WINDOWS\Uninstall Spielesammlung.exe
[2010.04.18 09:43:57 | 000,000,399 | ---- | C] () -- C:\WINDOWS\Uninstall Spielesammlung.ini
[2010.03.08 14:48:10 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.03.08 14:43:56 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2010.03.08 14:40:59 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009.11.27 12:59:01 | 000,000,085 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2009.07.14 17:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.07.04 18:53:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009.07.04 17:54:03 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009.06.10 17:33:00 | 001,580,550 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.06.10 07:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.06.10 07:29:34 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009.06.10 07:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.06.10 07:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.06.10 07:29:34 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009.06.10 07:29:34 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009.06.10 07:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.05.26 17:24:33 | 000,000,017 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009.04.19 19:02:55 | 000,000,044 | ---- | C] () -- C:\WINDOWS\memo.INI
[2009.04.12 13:16:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009.02.12 21:04:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2009.02.12 09:40:25 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2009.02.01 15:30:15 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.01.13 17:02:13 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2009.01.09 19:20:36 | 000,000,054 | ---- | C] () -- C:\WINDOWS\G403gl_K.INI
[2008.12.27 12:57:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008.10.16 16:55:05 | 000,000,054 | ---- | C] () -- C:\WINDOWS\G403ph_K.INI
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.08.03 14:13:34 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.08.03 14:13:34 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.07.15 18:37:34 | 000,000,091 | ---- | C] () -- C:\Programme\pclib.stp
[2008.07.15 18:36:19 | 000,010,701 | ---- | C] () -- C:\Programme\Mobile.html
[2008.07.15 18:36:19 | 000,001,605 | ---- | C] () -- C:\Programme\officebib.ini
[2008.07.15 18:36:19 | 000,000,034 | ---- | C] () -- C:\Programme\PC_BIB.FI
[2008.07.15 18:36:19 | 000,000,031 | ---- | C] () -- C:\Programme\PC_BIB.HIC
[2008.07.15 18:36:19 | 000,000,015 | ---- | C] () -- C:\Programme\PC_BIB.INF
[2008.07.15 18:36:18 | 000,000,009 | ---- | C] () -- C:\Programme\PC-BIB.INF
[2008.07.15 18:36:17 | 000,001,425 | R--- | C] () -- C:\Programme\SUFFIX.RUS
[2008.07.15 18:36:17 | 000,000,144 | R--- | C] () -- C:\Programme\SUFFIX.FRA
[2008.07.15 18:36:17 | 000,000,113 | R--- | C] () -- C:\Programme\SUFFIX.ITA
[2008.07.15 18:36:17 | 000,000,056 | R--- | C] () -- C:\Programme\SUFFIX.ESN
[2008.07.15 18:36:17 | 000,000,044 | R--- | C] () -- C:\Programme\SUFFIX.ENU
[2008.07.15 18:36:15 | 004,755,456 | ---- | C] () -- C:\Programme\qt-mt333.dll
[2008.07.15 18:35:55 | 000,323,584 | ---- | C] () -- C:\Programme\PCLib.exe
[2008.07.15 18:35:55 | 000,000,359 | R--- | C] () -- C:\Programme\PHONEM.ITA
[2008.07.15 18:35:55 | 000,000,313 | R--- | C] () -- C:\Programme\PHONEM.FRA
[2008.07.15 18:35:55 | 000,000,304 | R--- | C] () -- C:\Programme\PHONEM.DEU
[2008.07.15 18:35:55 | 000,000,303 | R--- | C] () -- C:\Programme\PHONEM.ESN
[2008.07.15 18:35:55 | 000,000,161 | R--- | C] () -- C:\Programme\PHONEM.ENU
[2008.07.15 18:35:55 | 000,000,130 | R--- | C] () -- C:\Programme\PHONEM.RUS
[2008.07.15 18:35:54 | 000,176,128 | ---- | C] () -- C:\Programme\PAGOFFBIB.dll
[2008.07.15 18:35:53 | 000,040,960 | ---- | C] () -- C:\Programme\oleacc.dll
[2008.07.15 18:35:53 | 000,026,794 | ---- | C] () -- C:\Programme\officebib_de.qm
[2008.07.15 18:35:40 | 000,761,045 | ---- | C] () -- C:\Programme\obres.bof
[2008.07.15 18:35:40 | 000,258,984 | ---- | C] () -- C:\Programme\ob4-win.chm
[2008.07.15 18:35:40 | 000,102,400 | ---- | C] () -- C:\Programme\obres.fsi
[2008.07.15 18:35:40 | 000,004,216 | ---- | C] () -- C:\Programme\obres.idx
[2008.07.15 18:35:40 | 000,004,176 | ---- | C] () -- C:\Programme\obres.dat
[2008.07.15 18:35:38 | 000,389,120 | ---- | C] () -- C:\Programme\assistant.exe
[2008.07.15 18:35:38 | 000,107,008 | ---- | C] () -- C:\Programme\bib.dll
[2008.07.15 18:35:38 | 000,013,071 | ---- | C] () -- C:\Programme\assistant_de.qm
[2008.07.15 18:35:37 | 000,049,152 | ---- | C] () -- C:\Programme\KDHook.dll
[2008.07.15 18:35:37 | 000,045,056 | ---- | C] () -- C:\Programme\KDMod.dll
[2008.07.15 18:35:37 | 000,032,768 | ---- | C] () -- C:\Programme\kapkey.dll
[2008.07.15 18:35:35 | 000,266,310 | ---- | C] () -- C:\Programme\ActivePG.dll
[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.05.03 04:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.01.28 17:21:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE
[2008.01.15 15:51:27 | 000,000,054 | ---- | C] () -- C:\WINDOWS\G403bi_K.INI
[2008.01.15 15:19:29 | 000,350,208 | ---- | C] () -- C:\WINDOWS\System32\Rivet200.dll
[2008.01.15 15:13:24 | 000,000,054 | ---- | C] () -- C:\WINDOWS\G403me_K.INI
[2008.01.15 15:06:04 | 000,000,011 | ---- | C] () -- C:\WINDOWS\G403co_K.INI
[2007.10.02 18:00:56 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\Eisbaer.ini
[2007.10.02 17:58:16 | 000,183,040 | ---- | C] () -- C:\WINDOWS\PI.EXE
[2007.07.08 18:04:39 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.04.17 15:29:55 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007.04.17 15:18:23 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2007.04.17 15:17:50 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.04.17 15:16:15 | 000,000,054 | ---- | C] () -- C:\WINDOWS\G403ma_K.INI
[2007.04.17 15:15:43 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[2007.04.17 15:15:42 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\IC32.INI
[2007.02.10 11:46:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.02.09 20:10:28 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.02.09 20:10:28 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.02.09 20:10:28 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.01.06 14:22:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\PC-BIB.DAT
[2007.01.06 14:21:56 | 000,000,019 | ---- | C] () -- C:\WINDOWS\BTB.INI
[2007.01.06 14:20:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006.12.27 23:49:31 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.11.20 15:08:53 | 000,091,648 | ---- | C] () -- C:\Dokumente und Einstellungen\x\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.19 15:39:00 | 000,000,402 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006.11.15 18:16:16 | 000,073,728 | ---- | C] () -- C:\WINDOWS\off-road-uninst.exe
[2006.09.10 15:05:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006.09.06 17:57:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.09.06 13:52:44 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\x\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.09.06 11:56:14 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006.09.05 16:55:41 | 000,039,039 | ---- | C] () -- C:\WINDOWS\System32\compare.dat
[2006.08.21 22:09:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.08.21 22:05:09 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006.08.21 21:47:46 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.08.21 21:47:46 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.08.21 21:47:46 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.08.21 21:47:46 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.08.21 21:47:46 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.08.21 21:47:46 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.08.21 21:46:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.08.21 21:46:18 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.08.21 21:45:57 | 000,683,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.08.21 21:44:01 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.08.21 21:43:22 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006.08.21 21:36:35 | 000,000,941 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.08.21 20:55:56 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.08.21 20:54:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.08.21 20:51:27 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.08.21 16:41:58 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.08.21 16:35:26 | 000,460,762 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.08.21 16:35:26 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.08.21 16:35:26 | 000,085,626 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.08.21 16:35:26 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.08.21 16:35:22 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.08.21 16:35:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.08.21 16:35:22 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.08.21 16:35:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.08.21 16:35:22 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.08.21 16:35:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.08.21 16:35:21 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.08.21 16:35:21 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.08.21 16:35:20 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.08.21 16:35:20 | 000,247,296 | ---- | C] () -- C:\WINDOWS\System32\mswsock.dll
[2006.08.21 16:35:20 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.08.21 16:35:19 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.08.21 16:35:17 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.31 10:22:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005.11.14 13:40:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004.12.02 15:20:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004.09.22 10:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.07.29 15:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
========== LOP Check ==========
[2009.06.06 16:06:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Armagetron
[2009.02.16 20:59:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest Bluetooth SDK
[2011.10.02 23:16:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2006.09.05 18:03:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Borland
[2008.12.14 13:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.02.09 19:59:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Codemasters
[2010.08.07 13:32:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2009.08.05 16:02:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy2
[2011.01.16 18:38:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy3
[2011.08.21 13:56:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fighters
[2010.12.11 20:33:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gogii
[2011.05.30 18:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.12.17 16:15:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IntDreams
[2011.01.16 17:33:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2006.08.21 21:47:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.01.16 18:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mushroom Age
[2010.06.01 18:44:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Newsoft
[2009.07.02 20:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst
[2011.01.16 19:03:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Playrix Entertainment
[2009.07.01 19:53:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2010.03.15 19:32:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2009.06.03 19:50:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScreenSeven
[2008.10.27 12:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpieleEntwicklungsKombinat
[2009.02.17 22:34:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2007.09.18 14:32:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tandem
[2009.07.02 20:31:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.11.03 19:48:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2011.09.11 15:23:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2008.12.25 10:15:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2009.01.10 17:55:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WEBDE
[2010.03.11 14:15:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zeon
[2009.05.26 16:41:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2011.09.11 15:21:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2009.01.10 13:47:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\SmartSurfer
[2011.04.19 16:22:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\.minecraft
[2011.12.23 22:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\281E8
[2010.07.10 18:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ x\Anwendungsdaten\AlienDominion
[2009.06.06 16:20:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Armagetron
[2010.02.12 16:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Atari
[2009.07.07 18:13:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\BlackBean
[2010.04.10 11:02:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\casanova
[2007.02.26 18:40:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\F-Secure
[2007.08.13 12:01:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Gearbox Software
[2011.09.20 15:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\ICQ
[2006.09.20 14:29:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\InterVideo
[2010.08.25 19:25:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\LG Electronics
[2008.04.18 15:52:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\MAGIX
[2007.11.30 18:29:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Micrografx
[2010.04.10 14:54:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\monsterz
[2010.04.18 10:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\naev
[2010.04.10 10:40:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Neverball
[2011.04.06 15:56:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Nicalis
[2010.12.11 20:32:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\PeaceCraft2
[2008.11.17 17:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\PipeMania
[2009.07.02 20:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\PlayFirst
[2010.04.10 09:55:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\pokerth
[2011.09.07 22:23:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\PriceGong
[2009.05.21 08:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\ProtectDisc
[2009.08.08 08:15:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Red Alert 3 Demo
[2010.01.10 14:34:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\runic games
[2010.03.13 11:11:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\ScanSoft
[2010.12.11 20:06:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\ScreenSeven
[2011.12.23 22:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\searchqutoolbar
[2009.01.10 17:55:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\SmartSurfer
[2010.04.18 10:16:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tx\Anwendungsdaten\smc
[2008.10.27 12:28:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\SpieleEntwicklungsKombinat
[2007.07.08 08:14:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Teleca
[2009.05.21 08:36:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\The Games Company
[2011.09.11 15:22:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\TuneUp Software
[2011.06.16 19:02:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Uniblue
[2009.01.10 17:55:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\WEBDE
[2009.01.10 18:04:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Wildlife Park 2
[2010.12.11 22:14:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\World-Loom
[2010.03.13 11:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Zeon
[2009.05.26 16:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\x\Anwendungsdaten\Zylom
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.09.01 17:52:08 | 000,000,000 | ---D | M] -- C:\100 Gratisspiele
[2009.06.03 10:56:36 | 000,000,000 | ---D | M] -- C:\16dfd0d233123350ad44d32bc529f0
[2009.08.23 22:27:29 | 000,000,000 | ---D | M] -- C:\6a894e323600ceb2fffe13
[2009.12.13 19:31:44 | 000,000,000 | ---D | M] -- C:\811c4f7649811792144d
[2009.11.28 13:29:12 | 000,000,000 | ---D | M] -- C:\CloneDVDTemp
[2011.12.19 17:23:33 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2006.09.05 16:55:56 | 000,000,000 | ---D | M] -- C:\Corel_Office
[2008.08.10 20:06:44 | 000,000,000 | ---D | M] -- C:\d107d07baa984e953cdf
[2011.05.22 01:59:33 | 000,000,000 | ---D | M] -- C:\d3f22db24717164146b86bf8
[2009.05.15 17:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.11.11 18:37:34 | 000,000,000 | ---D | M] -- C:\E-Zsoft
[2008.08.10 20:08:00 | 000,000,000 | ---D | M] -- C:\e13162b5f024cdd15071
[2006.09.05 16:55:56 | 000,000,000 | ---D | M] -- C:\F-Secure
[2009.02.01 17:32:46 | 000,000,000 | ---D | M] -- C:\firefox
[2006.09.05 16:55:56 | 000,000,000 | ---D | M] -- C:\FirstSteps
[2011.04.06 16:41:22 | 000,000,000 | ---D | M] -- C:\Games
[2006.12.18 14:12:43 | 000,000,000 | ---D | M] -- C:\Herdt-Verlag
[2006.09.05 16:55:56 | 000,000,000 | ---D | M] -- C:\ISP
[2009.08.08 19:31:04 | 000,000,000 | ---D | M] -- C:\LFS
[2006.08.21 21:47:10 | 000,000,000 | ---D | M] -- C:\MAGIX
[2006.09.05 16:55:56 | 000,000,000 | ---D | M] -- C:\Magix MediaSuite 2005
[2006.09.05 16:55:57 | 000,000,000 | ---D | M] -- C:\Musicbrigade
[2010.08.19 20:53:30 | 000,000,000 | -H-D | M] -- C:\My Music
[2009.08.06 15:34:35 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2010.08.07 15:38:30 | 000,000,000 | ---D | M] -- C:\Program Files
[2010.08.07 13:00:51 | 000,000,000 | ---D | M] -- C:\ProgramData
[2011.12.21 17:02:52 | 000,000,000 | R--D | M] -- C:\Programme
[2006.09.05 16:55:55 | 000,000,000 | RHSD | M] -- C:\recover
[2009.08.03 14:26:00 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2006.08.21 16:34:10 | 000,000,000 | ---D | M] -- C:\SBSI
[2010.08.25 14:07:30 | 000,000,000 | ---D | M] -- C:\Sounds
[2008.12.23 20:38:42 | 000,000,000 | ---D | M] -- C:\spoolerlogs
[2011.12.23 21:02:05 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.03.04 20:32:22 | 000,000,000 | ---D | M] -- C:\temp
[2006.09.05 16:55:57 | 000,000,000 | ---D | M] -- C:\VOIP_Sipgate
[2011.12.21 17:05:37 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2006.12.18 14:12:43 | 000,000,000 | ---D | M] -- C:\WinOnCdBasic
< %PROGRAMFILES%\*.exe >
[2005.01.19 13:48:00 | 000,389,120 | ---- | M] () -- C:\Programme\assistant.exe
[2005.03.29 14:22:06 | 002,203,648 | ---- | M] (Bibliographisches Institut & F. A. Brockhaus AG) -- C:\Programme\officebib.exe
[2005.01.19 13:48:00 | 000,323,584 | ---- | M] () -- C:\Programme\PCLib.exe
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< MD5 for: AFD.SYS >
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2011.02.16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008.08.14 10:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\$NtUninstallKB956803_1$\afd.sys
[2004.08.04 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\recover\WINDOWS\system32\dllcache\afd.sys
[2004.08.04 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\recover\WINDOWS\system32\drivers\afd.sys
[2004.08.04 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB956803_0$\afd.sys
[2008.08.14 10:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008.08.14 10:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2011.02.16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
< MD5 for: EXPLORER.EXE >
[2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\recover\WINDOWS\$NtUninstallKB884883$\explorer.exe
[2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB884883$\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2005.04.07 19:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=64322E8399B205B7281FF883737A9B03 -- C:\recover\WINDOWS\explorer.exe
[2005.04.07 19:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=64322E8399B205B7281FF883737A9B03 -- C:\recover\WINDOWS\system32\dllcache\explorer.exe
[2005.04.07 19:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=64322E8399B205B7281FF883737A9B03 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: IPSEC.SYS >
[2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
[2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2004.08.04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\recover\WINDOWS\system32\dllcache\ipsec.sys
[2004.08.04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\recover\WINDOWS\system32\drivers\ipsec.sys
[2004.08.04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys
< MD5 for: REGEDIT.EXE >
[2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\recover\WINDOWS\I386\REGEDIT.EXE
[2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\recover\WINDOWS\regedit.exe
[2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\recover\WINDOWS\system32\dllcache\regedit.exe
[2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\I386\REGEDIT.EXE
[2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\recover\WINDOWS\system32\dllcache\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\recover\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\recover\WINDOWS\$NtUninstallKB883529$\winlogon.exe
[2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtUninstallKB883529$\winlogon.exe
[2004.08.25 17:59:56 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=325A82EBBD69248D75C5F831E8817D17 -- C:\recover\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.25 17:59:56 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=325A82EBBD69248D75C5F831E8817D17 -- C:\recover\WINDOWS\system32\winlogon.exe
[2004.08.25 17:59:56 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=325A82EBBD69248D75C5F831E8817D17 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-14 19:30:40
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB40557$] -> Error: Cannot create file handle -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 48 bytes -> C:\WINDOWS:82E5AD4155018770
< End of report > --- --- --- |