| SkydiverJB | 02.04.2012 16:09 |
OTL.txtOTL Logfile: Code:
OTL logfile created on: 02.04.2012 16:53:33 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Jörg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 81,88% Memory free
5,34 Gb Paging File | 4,53 Gb Available in Paging File | 84,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 56,94 Gb Free Space | 58,31% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 103,11 Gb Free Space | 28,01% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 76,00 Gb Free Space | 50,99% Space Free | Partition Type: NTFS
Computer Name: DELL-INSPIRON | User Name: Jörg | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.04.02 16:49:34 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.01 18:09:50 | 000,537,200 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe
PRC - [2011.10.14 22:35:37 | 000,100,088 | -H-- | M] () -- C:\Programme\ContourStoryteller\ContourAutoplay.exe
PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.10.12 17:28:26 | 000,726,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\wfcrun32.exe
PRC - [2010.10.12 17:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\concentr.exe
PRC - [2009.09.30 21:33:44 | 000,198,160 | -H-- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2009.07.27 11:54:46 | 001,287,680 | -H-- | M] (sw4you, Siegfried Weckmann) -- C:\Programme\Hardcopy\hardcopy.exe
PRC - [2009.02.23 19:43:12 | 000,576,000 | -H-- | M] (MagicISO, Inc.) -- C:\Programme\MagicDisc\MagicDisc.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.09 10:00:54 | 000,826,880 | -H-- | M] () -- C:\Programme\dvd43\DVD43_Tray.exe
PRC - [2007.06.28 14:07:24 | 000,286,720 | ---- | M] (Dell) -- C:\Programme\Dell\MFP_DELL\deDvcStatus.exe
PRC - [2007.03.12 18:10:36 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Programme\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2007.02.20 05:10:26 | 000,282,624 | -H-- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.09.26 02:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Gemeinsame Dateien\aol\1216492581\ee\aolsoftware.exe
PRC - [2004.05.10 21:05:50 | 000,156,784 | -H-- | M] (America Online, Inc.) -- C:\Programme\AOL 9.0\aoltray.exe
PRC - [2002.12.02 16:17:37 | 000,073,728 | -H-- | M] (Elaborate Bytes AG) -- C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.01 18:09:50 | 000,537,200 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe
MOD - [2012.03.01 18:09:24 | 000,135,792 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsodbc47.dll
MOD - [2012.03.01 18:09:21 | 000,028,672 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsdcom47.dll
MOD - [2012.03.01 18:09:09 | 004,441,200 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wauff12.dll
MOD - [2012.03.01 18:09:01 | 001,965,168 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wfvie12.dll
MOD - [2012.03.01 18:06:04 | 001,616,496 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wreli12.dll
MOD - [2012.03.01 18:06:00 | 007,722,096 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wgui12.dll
MOD - [2012.03.01 18:05:38 | 002,973,296 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wcore12.dll
MOD - [2012.03.01 18:05:30 | 001,544,816 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wsteu12.dll
MOD - [2012.03.01 18:05:25 | 000,319,600 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsguiwinapi47.dll
MOD - [2012.03.01 18:05:20 | 000,275,056 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rscorewinapi47.dll
MOD - [2012.01.25 12:01:03 | 000,720,896 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsqlrs47.dll
MOD - [2012.01.03 15:10:46 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.11.04 14:47:20 | 000,865,280 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcluceners47.dll
MOD - [2011.11.04 14:47:18 | 000,271,872 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\phononrs47.dll
MOD - [2011.11.04 14:47:16 | 011,163,648 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtwebkitrs47.dll
MOD - [2011.11.04 14:47:14 | 000,108,544 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qttestrs47.dll
MOD - [2011.11.04 14:47:12 | 001,340,416 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtscriptrs47.dll
MOD - [2011.11.04 14:47:12 | 000,281,088 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsvgrs47.dll
MOD - [2011.11.04 14:47:10 | 008,934,400 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtguirs47.dll
MOD - [2011.11.04 14:47:10 | 002,395,648 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qt3supportrs47.dll
MOD - [2011.11.04 14:47:10 | 000,990,208 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtnetworkrs47.dll
MOD - [2011.11.04 14:47:10 | 000,358,400 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtxmlrs47.dll
MOD - [2011.11.04 14:47:08 | 002,356,736 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcorers47.dll
MOD - [2011.10.14 22:35:37 | 000,100,088 | -H-- | M] () -- C:\Programme\ContourStoryteller\ContourAutoplay.exe
MOD - [2011.09.10 19:53:43 | 002,052,096 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll
MOD - [2011.09.10 19:53:43 | 001,564,672 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2011.09.10 19:53:43 | 001,339,392 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll
MOD - [2011.09.10 19:53:43 | 001,035,264 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2011.09.10 19:53:43 | 000,835,584 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll
MOD - [2011.09.10 19:53:43 | 000,786,432 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll
MOD - [2011.09.10 19:53:43 | 000,770,048 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll
MOD - [2011.09.10 19:53:43 | 000,688,128 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll
MOD - [2011.09.10 19:53:43 | 000,679,936 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2011.09.10 19:53:43 | 000,667,648 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2011.09.10 19:53:43 | 000,495,616 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll
MOD - [2011.09.10 19:53:43 | 000,430,080 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll
MOD - [2011.09.10 19:53:43 | 000,405,504 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2011.09.10 19:53:43 | 000,338,944 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2011.09.10 19:53:43 | 000,338,944 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2011.09.10 19:53:43 | 000,335,872 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2011.09.10 19:53:43 | 000,303,104 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2011.09.10 19:53:43 | 000,246,272 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2011.09.10 19:53:43 | 000,232,448 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2011.09.10 19:53:43 | 000,223,744 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2011.09.10 19:53:43 | 000,171,008 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2011.09.10 19:53:43 | 000,167,936 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocESEmail.dll
MOD - [2011.09.10 19:53:43 | 000,151,552 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll
MOD - [2011.09.10 19:53:43 | 000,139,264 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2011.09.10 19:53:43 | 000,120,832 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2011.09.10 19:53:43 | 000,115,200 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2011.09.10 19:53:43 | 000,095,744 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2011.09.10 19:53:43 | 000,094,208 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll
MOD - [2011.09.10 19:53:43 | 000,090,112 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2011.09.10 19:53:43 | 000,083,968 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2011.09.10 19:53:43 | 000,081,920 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2011.09.10 19:53:43 | 000,061,952 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2011.09.10 19:53:43 | 000,057,344 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2011.09.10 19:53:43 | 000,051,712 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2011.09.10 19:53:43 | 000,013,824 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\MEshim.dll
MOD - [2011.09.10 19:53:43 | 000,010,240 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll
MOD - [2011.09.10 19:53:43 | 000,009,216 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2011.09.10 19:53:43 | 000,009,216 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\locPcd.dll
MOD - [2011.09.10 19:53:42 | 000,077,312 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011.09.02 21:14:31 | 000,971,776 | -H-- | M] () -- C:\Programme\ContourStoryteller\QtNetwork4.dll
MOD - [2011.09.02 21:14:30 | 008,191,488 | -H-- | M] () -- C:\Programme\ContourStoryteller\QtGui4.dll
MOD - [2011.09.02 21:14:30 | 002,296,320 | -H-- | M] () -- C:\Programme\ContourStoryteller\QtCore4.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2011.06.11 09:51:45 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.07.27 10:36:09 | 000,444,416 | -H-- | M] () -- C:\Programme\Hardcopy\HcDllS.dll
MOD - [2009.06.10 06:19:51 | 000,057,344 | -H-- | M] () -- C:\Programme\Hardcopy\HcDLL2_29_Win32.dll
MOD - [2008.04.09 10:00:54 | 000,826,880 | -H-- | M] () -- C:\Programme\dvd43\DVD43_Tray.exe
MOD - [2007.09.20 18:34:58 | 000,129,024 | -H-- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2007.06.09 19:18:38 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\D1XP.DLL
MOD - [2007.02.22 02:29:00 | 000,192,512 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
MOD - [2007.02.22 02:28:08 | 000,094,208 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
MOD - [2007.02.22 02:22:36 | 000,040,960 | -H-- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll
MOD - [2003.11.20 13:18:06 | 000,045,056 | -H-- | M] () -- C:\Programme\Hardcopy\hardcopy.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Unknown] -- C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS)
SRV - File not found [Auto | Unknown] -- C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS)
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Unknown] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Unknown] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Unknown] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Unknown] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.12.02 18:34:30 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007.09.24 19:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Unknown] -- C:\Programme\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007.06.28 14:05:40 | 000,131,072 | ---- | M] (Dell) [Auto | Unknown] -- C:\Programme\Dell\MFP_DELL\deMntrService.exe -- (deMntrService)
SRV - [2007.01.09 17:16:12 | 000,061,440 | -H-- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2006.10.23 14:50:35 | 000,046,640 | ---- | M] (AOL LLC) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2006.01.19 09:22:20 | 000,049,152 | -H-- | M] (Pinnacle Systems) [Auto | Unknown] -- C:\Programme\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe -- (PinnacleSys.MediaServer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | Auto | Unknown] -- System32\Drivers\pmp3052v.sys -- (pmp3052v) Video Camera Device(EKEN)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - File not found [Kernel | Auto | Unknown] -- System32\Drivers\Ca1528av.sys -- (Ca1528av)
DRV - File not found [Kernel | On_Demand | Unknown] -- System32\Drivers\Bulk3052.sys -- (Bulk3052i) Still Camera Device(EKEN)
DRV - File not found [Kernel | On_Demand | Unknown] -- System32\Drivers\Bulk1528.sys -- (Bulk1528)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.02.18 12:09:04 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 15:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Unknown] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.07.14 12:51:56 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010.06.17 15:14:27 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.17 11:13:04 | 000,014,592 | R--- | M] (Silicon Laboratories) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV - [2009.02.24 18:42:14 | 000,116,736 | -H-- | M] (MagicISO, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008.08.26 10:26:12 | 000,018,816 | -H-- | M] (Nokia) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.06 08:01:28 | 000,016,512 | -H-- | M] (Adaptec) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.01.15 19:17:58 | 004,652,544 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.09.14 22:04:46 | 002,455,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.07.30 11:58:56 | 000,022,016 | -H-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.07.30 11:58:54 | 000,054,400 | -H-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.07.20 13:40:10 | 000,084,992 | -H-- | M] (ATI Research Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007.05.11 12:59:20 | 000,017,536 | ---- | M] (Olivetti-Engineering SA) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\desrvusb.sys -- (DESVUSB)
DRV - [2006.10.09 15:03:56 | 000,017,152 | -H-- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.10.09 14:46:44 | 000,017,536 | -H-- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Unknown] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2006.10.04 09:14:26 | 000,017,280 | -H-- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2005.07.13 16:55:22 | 000,171,008 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.02.23 18:40:26 | 000,011,264 | -H-- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2005.02.09 12:59:00 | 000,014,165 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.01.10 23:13:04 | 000,033,588 | -H-- | M] (America Online, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002.11.28 16:18:04 | 000,015,360 | -H-- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002.04.08 00:00:00 | 000,013,924 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\prxtbSof0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLS_deDE402
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?hl=de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npagee,version=9.3.50.3: C:\Programme\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.10.20 22:07:50 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.04.02 10:34:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.04.02 10:26:12 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.24 21:19:15 | 000,000,000 | -H-D | M]
[2008.07.19 23:00:34 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Mozilla\Extensions
[2012.04.02 10:46:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Mozilla\Firefox\Profiles\8weltkgj.default\extensions
[2012.04.02 10:46:17 | 000,000,000 | -H-D | M] (Garmin Communicator) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Mozilla\Firefox\Profiles\8weltkgj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.07.01 22:31:00 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Mozilla\Firefox\Profiles\8weltkgj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.05 19:42:24 | 000,002,017 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Mozilla\Firefox\Profiles\8weltkgj.default\searchplugins\google-maps.xml
[2011.12.07 23:32:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.23 14:33:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\JöRG\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\8WELTKGJ.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
[2012.04.02 10:34:59 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMME\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.04.02 10:26:12 | 000,097,208 | -H-- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.10.12 16:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\CCMSDK.dll
[2010.10.12 16:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\CgpCore.dll
[2010.10.12 16:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\confmgr.dll
[2010.10.12 16:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\ctxlogging.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2010.10.12 18:16:54 | 000,484,768 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npicaN.dll
[2010.10.12 16:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\TcpPServ.dll
[2012.04.02 10:26:08 | 000,001,392 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.02 10:26:08 | 000,002,252 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.04.02 10:26:08 | 000,001,153 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.02 10:26:08 | 000,006,805 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.02 10:26:08 | 000,001,178 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.02 10:26:08 | 000,001,105 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Programme\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\prxtbSof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [ConnectionCenter] C:\Programme\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [ContourCameraFinder] C:\Programme\ContourStoryteller\ContourAutoplay.exe ()
O4 - HKLM..\Run: [DeStatusMon] C:\Programme\Dell\MFP_DELL\deDvcStatus.exe (Dell)
O4 - HKLM..\Run: [dvd43] C:\Programme\dvd43\DVD43_Tray.exe ()
O4 - HKLM..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\aol\1216492581\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OpwareSE4] C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER File not found
O4 - HKLM..\Run: [ScanSoft OmniPage SE 4-reminder] C:\Programme\ScanSoft\OmniPageSE4\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Filme_fuer_unterwegs_3_Download-Version\TrayServer.exe File not found
O4 - HKCU..\Run: [ContourCameraFinder] C:\Programme\ContourStoryteller\ContourAutoplay.exe ()
O4 - HKCU..\Run: [Tok-Cirrhatus] "C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\smss.exe" File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Programme\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Programme\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswaswOtl.dll] C:\Programme\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kodak EasyShare Software.lnk = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\t@x aktuell.lnk = C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\z1info.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Jörg\Startmenü\Programme\Autostart\Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O4 - Startup: C:\Dokumente und Einstellungen\Jörg\Startmenü\Programme\Autostart\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Jörg\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} hxxp://o.aolcdn.com/pictures/ap/Resources/v2.15/cab/aolpPlugins.10.6.0.8.cab (AOL Pictures Uploader Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF0061DD-1EAB-413D-8B6B-29CE40520781}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.30 22:42:21 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2012.04.02 16:49:32 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
[2012.04.02 16:20:42 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Jörg\Recent
[2012.04.02 11:25:57 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Jörg\Startmenü\Programme\SMART HDD
[2012.03.27 21:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Garmin
[2012.03.18 11:29:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\t@x 2012
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.04.02 16:49:34 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
[2012.04.02 16:48:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.02 16:17:55 | 000,000,000 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\defogger_reenable
[2012.04.02 16:16:32 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Jörg\Desktop\Defogger.exe
[2012.04.02 15:59:17 | 000,110,606 | -H-- | M] () -- C:\logfile
[2012.04.02 15:56:09 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.04.02 15:53:22 | 000,520,940 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.04.02 15:53:22 | 000,499,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.02 15:53:22 | 000,102,952 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.04.02 15:53:22 | 000,087,352 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.02 15:50:30 | 000,000,184 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\-9LQtOeckanpcugr
[2012.04.02 15:50:30 | 000,000,000 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\-9LQtOeckanpcug
[2012.04.02 15:50:24 | 000,000,256 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9LQtOeckanpcug
[2012.04.02 15:48:16 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.02 15:48:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.02 10:26:18 | 000,005,558 | -H-- | M] () -- C:\WINDOWS\Wininit.ini
[2012.04.02 10:23:26 | 000,040,960 | RH-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb
[2012.04.01 18:07:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.25 11:33:01 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.03.18 12:25:43 | 000,001,098 | -H-- | M] () -- C:\WINDOWS\wiso.ini
[2012.03.18 11:29:26 | 000,001,842 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\t@x aktuell.lnk
[2012.03.14 19:27:32 | 000,229,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.14 09:25:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.10 20:36:19 | 000,000,140 | -H-- | M] () -- C:\WINDOWS\ODBC.INI
[2012.03.07 01:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.03.07 01:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.03.07 01:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.03.05 20:56:01 | 000,000,664 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.02 16:17:55 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\defogger_reenable
[2012.04.02 16:16:30 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Jörg\Desktop\Defogger.exe
[2012.04.02 11:25:58 | 000,000,184 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\-9LQtOeckanpcugr
[2012.04.02 11:25:58 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\-9LQtOeckanpcug
[2012.04.02 11:25:53 | 000,000,256 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9LQtOeckanpcug
[2012.02.18 12:06:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.21 19:55:48 | 000,000,664 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[2011.09.17 19:26:12 | 000,116,224 | -H-- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.09.17 18:49:48 | 000,116,224 | -H-- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011.09.17 18:49:48 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2011.07.20 18:44:39 | 000,014,115 | -H-- | C] () -- C:\WINDOWS\twspmm.ini
[2011.05.02 19:59:06 | 000,000,018 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\SYS386LT.DAT
[2011.05.02 19:49:40 | 000,000,005 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\LZ1CPROT
[2010.12.02 22:55:37 | 000,000,355 | -H-- | C] () -- C:\WINDOWS\loggerconfig.ini
[2010.08.31 23:48:39 | 000,030,647 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\mdbu.bin
[2010.08.12 22:53:57 | 000,000,038 | -H-- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010.07.30 22:48:32 | 000,012,407 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Bron.tok.A12.em.bin
[2010.07.30 22:43:08 | 000,012,407 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Update.12.Bron.Tok.bin
[2010.05.02 12:30:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\HOZ.INI
[2010.05.02 12:30:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\DAISY.INI
[2010.05.02 12:30:43 | 000,000,063 | -H-- | C] () -- C:\WINDOWS\VDDS_MMI.INI
[2010.05.02 12:24:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\dbsetup.INI
[2010.04.08 16:10:09 | 000,048,520 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
========== LOP Check ==========
[2011.10.08 16:01:14 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.03.18 11:35:01 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2011.12.03 00:27:05 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Citrix
[2011.05.07 09:16:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2008.08.09 00:45:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2009.10.04 14:31:34 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MovieJack 6
[2011.08.15 17:48:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2009.01.24 18:43:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.07.20 14:59:28 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2008.07.20 14:59:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle Studio
[2010.08.31 23:46:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rossmann Fotoservice
[2008.07.21 19:25:13 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2008.08.18 20:07:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2009.04.04 02:18:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc
[2008.07.19 17:12:08 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2010.08.12 22:22:54 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith
[2008.08.08 19:49:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2008.07.20 18:59:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2008.08.02 15:38:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Uninstall
[2008.07.19 16:48:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2010.04.08 15:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.07.26 23:18:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Amazon
[2010.01.20 00:52:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\AnvSoft
[2008.08.08 21:57:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Any DVD Converter Professional
[2008.08.08 19:47:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Any Video Converter
[2009.05.20 17:06:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Buhl Data Service
[2009.10.04 14:43:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Engelmann Media
[2011.09.17 18:39:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\FileZilla
[2011.09.17 18:53:13 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\FreePDF
[2010.08.12 21:53:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\FreeScreenToVideo
[2011.06.18 09:29:25 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\GARMIN
[2008.07.20 13:33:14 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\ICAClient
[2008.07.19 23:17:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\iGrafx
[2011.08.15 17:47:57 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\NCH Swift Sound
[2008.09.07 17:26:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\NettoPro
[2008.12.16 19:47:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Nokia
[2009.05.20 12:20:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\OpenOffice.org
[2008.12.16 19:32:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\PC Suite
[2011.09.17 19:26:14 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\pdfforge
[2011.09.30 22:21:44 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\PriceGong
[2008.07.21 19:25:14 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\ScanSoft
[2008.08.25 22:30:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\SuperEasy Software
[2008.07.19 17:12:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\T-Online
[2012.01.15 18:52:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\TeamViewer
[2011.12.11 13:46:15 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Tobit
[2008.07.20 18:59:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Ulead Systems
[2011.05.02 15:10:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Win LohnInfo
[2011.08.15 18:00:45 | 000,000,268 | -H-- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.08.13 15:30:16 | 000,000,000 | -H-D | M] -- C:\anwendungen
[2008.07.19 16:53:48 | 000,000,000 | -H-D | M] -- C:\dell
[2012.01.24 21:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.09.17 19:00:49 | 000,000,000 | ---D | M] -- C:\FreePDF
[2008.07.19 16:47:56 | 000,000,000 | -H-D | M] -- C:\My Music
[2008.07.19 23:41:46 | 000,000,000 | -H-D | M] -- C:\NetObjects Fusion 7
[2010.12.02 22:54:49 | 000,000,000 | -H-D | M] -- C:\Program Files
[2012.03.22 07:43:25 | 000,000,000 | ---D | M] -- C:\Programme
[2008.07.20 13:24:57 | 000,000,000 | -H-D | M] -- C:\PROGRAMS
[2012.03.10 20:36:10 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2008.07.19 12:28:27 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.08 23:23:58 | 000,000,000 | -H-D | M] -- C:\temp
[2012.04.02 15:49:47 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.07.29 00:11:21 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.07.29 00:11:21 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.07.29 00:11:21 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.07.29 00:11:21 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:22:10 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | -H-- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: NETLOGON.DLL >
[2008.04.14 04:22:19 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 04:22:23 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USER32.DLL >
[2008.04.14 04:22:31 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 04:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.07.19 14:10:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.07.19 14:10:10 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.07.19 14:10:10 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2012.04.02 16:17:55 | 000,000,000 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\defogger_reenable
[2012.04.02 11:30:20 | 007,340,032 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\NTUSER.DAT
[2012.04.02 16:57:20 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\ntuser.dat.LOG
[2012.04.02 11:30:20 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Jörg\ntuser.ini
[2012.01.05 19:06:09 | 000,000,156 | -H-- | M] () -- C:\Dokumente und Einstellungen\Jörg\videoplayer.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.02.03 11:57:08 | 001,860,224 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 72 bytes -> C:\WINDOWS:4E00425C67D4A07C
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8
< End of report >
--- --- ---
Extra.txtOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 02.04.2012 16:53:33 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Jörg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 81,88% Memory free
5,34 Gb Paging File | 4,53 Gb Available in Paging File | 84,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 56,94 Gb Free Space | 58,31% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 103,11 Gb Free Space | 28,01% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 76,00 Gb Free Space | 50,99% Space Free | Partition Type: NTFS
Computer Name: DELL-INSPIRON | User Name: Jörg | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CMDHere] -- C:\WINDOWS\system32\cmd.exe /x /k cd "%1" (Microsoft Corporation)
Directory [DosHere] -- C:\WINDOWS\system32\command.com ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Programme\Citrix\Secure Access Client\nsepa.exe" = C:\Programme\Citrix\Secure Access Client\nsepa.exe:*:Enabled:Citrix Access Gateway Endpoint Analysis -- (Citrix Systems, Inc)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Programme\Gemeinsame Dateien\aol\1216492581\ee\aolsoftware.exe" = C:\Programme\Gemeinsame Dateien\aol\1216492581\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (America Online, Inc.)
"C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.)
"C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( )
"C:\Programme\Pinnacle\Studio 10\programs\umi.exe" = C:\Programme\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.)
"E:\Tobit ClipInc\Server\ClipInc-Server.exe" = E:\Tobit ClipInc\Server\ClipInc-Server.exe:*:Enabled:ClipInc Server
"E:\Tobit ClipInc\Player\ClipInc-Player.exe" = E:\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc Player
"C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe" = C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe:*:Enabled:ClipInc Server
"C:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe" = C:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc Player
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Zattoo\zattood.exe" = C:\Programme\Zattoo\zattood.exe:*:Disabled:zattood
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\NetObjects Fusion 7\Fusion.exe" = C:\NetObjects Fusion 7\Fusion.exe:*:Enabled:NetObjects Fusion -- (NetObjects)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\Citrix\Secure Access Client\nsepa.exe" = C:\Programme\Citrix\Secure Access Client\nsepa.exe:*:Enabled:Citrix Access Gateway Endpoint Analysis -- (Citrix Systems, Inc)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{00762C8C-31A8-4892-9960-587872CAE77C}" = Dell All-In-One Center
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0E806605-5B82-4A4F-BC31-AA4FADA03C42}" = t@x 2012
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix Online Plug-in (Web)
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2899C5-8938-4232-98CC-7A075ECB3172}" = t@x 2010 Standard
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2107998E-852C-480D-BA17-A7EC723F2514}" = Dataloger
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{280ED870-1DF3-4574-A679-E2C4A8163249}_is1" = Registry System Wizard
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon Camera WIA Driver
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3D960387-76B3-4758-BAF7-D156B14A032F}" = Ulead PhotoImpact 8 SE
"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix Online Plug-in (USB)
"{40030378-9EB9-482A-AC10-195097CA624D}" = t@x 2009 Standard
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{460CE8B9-6EC2-458A-90D4-691631ECE9D9}" = Pinnacle MediaServer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{500ECB5F-B2E8-4A46-80FF-FFFDB7AFC103}" = ScanSoft OmniPage SE 4
"{5599E59C-07EE-45D4-A44D-F311F52C98EA}_is1" = KH-Lohn 2011
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix Online Plug-in (DV)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6A012D9C-2E2E-405A-B87C-E909F5297C3F}" = Studio 10 Bonus DVD
"{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73861999-F41B-4DCE-8984-30BB3DD6EF12}" = EKEN PC Driver
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{87841AF8-C785-42FF-A76E-CC0F0C2816CC}" = ATI Catalyst Control Center
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0414A3B-3AE3-47B8-8FC0-2129781FF425}" = t@x 2011
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BEC98AB1-991D-4A2D-9FDD-10F3DEBAF568}" = Dell Photo AIO 928
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C329E2AE-B868-4BB3-A145-C6646EF87EDA}" = Citrix Access Gateway Endpoint Analysis
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F0312AC6-988B-11DA-9C49-000476F770CC}" = CIB pdf brewer 2.5.25
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4F11251-6E73-4EC2-969B-E094249DADEA}" = MovieJack 3.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8B51367-241D-4FE9-ACE2-55B320FDDA78}_is1" = Screeny LT
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA2D08C9-BBAD-47BA-0001-F7D5C1599030}" = MovieJack*6
"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix Online Plug-in (HDX)
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Any Video Converter_is1" = Any Video Converter 3.0.1
"AOL Deinstallation" = AOL Deinstallation
"AOL Pictures" = AOL Fotocenter Plugin (Version 10.6.0.8)
"AOL YGP Screensaver" = AOL Meine Fotos Bildschirmschoner
"AOLCoach de" = AOL Coach Version 1.0(Build:20040229.1 de)
"ATI Display Driver" = ATI Display Driver
"Audiograbber" = Audiograbber 1.83 SE
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira Free Antivirus
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Contour Storyteller 3.0.6" = Contour Storyteller
"Dkill95" = Dkill95
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"DVD43_is1" = DVD43 v4.3.1
"DVDFab 6_is1" = DVDFab 6.0.2.2 (June 26, 2009)
"E.M. DVD Copy_is1" = E.M. DVD Copy 2.20
"Easy Edit Software" = Easy Edit Software
"EasyGPS_is1" = EasyGPS 4.28
"FileZilla Client" = FileZilla Client 3.5.1
"FormatFactory" = FormatFactory 2.60
"Fotosizer" = Fotosizer 1.29
"Free Screen To Video_is1" = Free Screen To Video V 1.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GPL Ghostscript 9.04" = GPL Ghostscript
"Hardcopy(C__Programme_Hardcopy)" = Hardcopy (C:\Programme\Hardcopy)
"HS Nettoeinkommen Pro 2008 TESTVERSION" = HS Nettoeinkommen Pro 2008 TESTVERSION
"HS Nettoeinkommen Pro 2009 TESTVERSION" = HS Nettoeinkommen Pro 2009 TESTVERSION
"HS Nettoeinkommen Pro 2010 TESTVERSION" = HS Nettoeinkommen Pro 2010 TESTVERSION
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{31A57C3E-30DD-421F-B5C7-974DACB0D05F}" = Canon EOS Kiss REBEL 300D WIA-Treiber
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{73861999-F41B-4DCE-8984-30BB3DD6EF12}" = EKEN PC Driver
"IrfanView" = IrfanView (remove only)
"LHTTSGED" = L&H TTS3000 Deutsch
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NetObjects Fusion 7" = NetObjects Fusion 7
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" = Nero Media Player
"NVIDIA Drivers" = NVIDIA Drivers
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Rossmann Fotoservice_is1" = Rossmann Fotoservice
"ShrinkTo5Basic" = ShrinkTo5Basic
"SIUSBXP&10C4&EA61" = Silicon Laboratories USBXpress Device (Driver Removal)
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Switch" = Switch Sound File Converter
"TeamViewer 6" = TeamViewer 6
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XMedia Recode" = XMedia Recode 2.2.1.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
--- --- --- |
