| Creative | 03.07.2012 07:13 |
Hatte heute schon wieder einen Polizei Sperrbildschirm. Aber einen anderen. hab gleichmal alles nochmal gescannt: Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.07.03.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Standard :: HP46822210828 [Administrator]
03.07.2012 08:13:31
mbam-log-2012-07-03 (08-27-04).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 266858
Laufzeit: 13 Minute(n), 12 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Temp\0_0u_l.exe (Spyware.Zeus) -> Keine Aktion durchgeführt.
(Ende)
OTL: Code:
OTL logfile created on: 03.07.2012 08:15:12 - Run 3
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Dokumente und Einstellungen\Standard\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1,93 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 57,86% Memory free
4,68 Gb Paging File | 4,02 Gb Available in Paging File | 85,96% Paging File free
Paging file location(s): C:\pagefile.sys 2965 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 216,87 Gb Total Space | 171,87 Gb Free Space | 79,25% Space Free | Partition Type: NTFS
Drive D: | 16,00 Gb Total Space | 11,85 Gb Free Space | 74,06% Space Free | Partition Type: NTFS
Drive S: | 135,66 Gb Total Space | 1,54 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Drive X: | 135,66 Gb Total Space | 1,54 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Computer Name: HP46822210828 | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.25 09:40:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Standard\Desktop\OTL.exe
PRC - [2012.06.15 00:17:36 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2011.10.09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.07.13 11:53:20 | 003,152,384 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Programme\Cobian Backup 10\cbInterface.exe
PRC - [2010.07.13 11:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Programme\Cobian Backup 10\cbService.exe
PRC - [2010.07.13 11:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Programme\Cobian Backup 10\cbVSCService.exe
PRC - [2009.12.16 17:44:36 | 003,750,400 | ---- | M] (SafeNet Inc.) -- C:\windows\system32\hasplms.exe
PRC - [2009.06.17 13:21:20 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2009.06.17 13:13:36 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
PRC - [2009.01.28 14:21:48 | 000,075,024 | ---- | M] (Bioscrypt Inc.) -- C:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.10.14 16:59:10 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008.10.14 16:58:34 | 010,248,192 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008.10.03 13:33:12 | 001,185,016 | ---- | M] (AuthenTec, Inc.) -- C:\Programme\Fingerprint Sensor\AtService.exe
PRC - [2008.10.01 15:01:14 | 000,256,544 | ---- | M] (SafeBoot International) -- C:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.07.19 20:40:59 | 002,054,680 | ---- | M] (Intel Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008.07.19 20:40:54 | 000,773,144 | ---- | M] (Intel Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\PrivacyIconClient.exe
PRC - [2008.07.19 20:40:53 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\AMT\LMS.exe
PRC - [2008.04.14 11:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe
PRC - [2007.11.27 17:42:14 | 000,185,896 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.11.27 17:42:12 | 000,093,736 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.11.27 17:40:42 | 000,298,536 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.10.30 10:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Programme\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006.07.10 10:53:08 | 000,872,448 | ---- | M] () -- C:\windows\SMINST\Scheduler.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.15 00:17:55 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.14 08:17:16 | 001,211,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\eed3da66d4b3306d756d3115df0f6bb1\System.WorkflowServices.ni.dll
MOD - [2012.06.14 08:15:39 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9f4f7e7199d4544f6621af546956e84d\System.ServiceProcess.ni.dll
MOD - [2012.06.14 08:10:21 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.13 21:56:16 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.13 21:56:08 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.13 21:55:22 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012.06.13 21:55:22 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
MOD - [2012.06.13 21:55:21 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.06.13 21:49:49 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3d0c73f63305fa092666e6488634d025\System.Drawing.ni.dll
MOD - [2012.05.11 03:23:37 | 000,365,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c59256d906eb8bf251fdcade8d3e8db8\System.ServiceModel.Routing.ni.dll
MOD - [2012.05.11 03:23:36 | 001,128,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cac970090ee40f6eb194fcc66391d99f\System.ServiceModel.Discovery.ni.dll
MOD - [2012.05.11 03:23:35 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76ba7b2f5232c390b8db9dfcd935af93\System.ServiceModel.Channels.ni.dll
MOD - [2012.05.11 03:23:22 | 001,387,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\49d13cef799a2cbb948f3292a87995fe\System.ServiceModel.Activities.ni.dll
MOD - [2012.05.11 03:23:19 | 001,072,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9c5381e06b81e9859210d9164288cd8b\System.IdentityModel.ni.dll
MOD - [2012.05.11 03:23:18 | 017,996,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8be0d48c6312a96e2ff0fd5bafb70469\System.ServiceModel.ni.dll
MOD - [2012.05.11 03:23:03 | 001,051,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fb1dafd33ea1f8f4c8ced2c9299bd366\System.ServiceModel.Web.ni.dll
MOD - [2012.05.11 03:20:24 | 001,897,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\e404c896d6d1a01caa638580ced9bec2\System.Web.Services.ni.dll
MOD - [2012.05.11 03:20:12 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\56d1e62510421b3721142688b44a581b\System.EnterpriseServices.ni.dll
MOD - [2012.05.11 03:20:12 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\56d1e62510421b3721142688b44a581b\System.EnterpriseServices.Wrapper.dll
MOD - [2012.05.11 03:20:11 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\530e202cb070fa04243f083c48c7723c\System.Transactions.ni.dll
MOD - [2012.05.11 03:20:10 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\3434c23fcc8dfcf056d06f0328d2225d\System.Runtime.DurableInstancing.ni.dll
MOD - [2012.05.11 03:20:09 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\13a7f21e234d2c7587f7a0b58a17d591\SMDiagnostics.ni.dll
MOD - [2012.05.11 03:20:08 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0b065445b421ccf5e2beb5eecc45a48\System.Runtime.Serialization.ni.dll
MOD - [2012.05.11 03:14:04 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
MOD - [2012.05.11 03:12:26 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 03:12:18 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 03:12:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.11 03:04:26 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\6100a4d8635f4e12d3ab23545dbc7dcc\System.Data.ni.dll
MOD - [2012.05.11 03:04:16 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\6e70ff4b74bed30aa8751253ed8aee56\System.Xml.ni.dll
MOD - [2012.05.11 03:04:15 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\0ad566912479454ed9ce37fb09de2715\System.Core.ni.dll
MOD - [2012.05.11 03:04:13 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\4b1f1878bf47391d09f9e256fde70e4b\System.Configuration.ni.dll
MOD - [2012.05.11 03:04:03 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\5339ecdda252537e37def11dc77c77aa\System.ni.dll
MOD - [2012.05.11 03:03:54 | 014,413,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2009.10.13 02:26:07 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.10.13 02:26:07 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.10.13 02:26:07 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.10.13 02:26:07 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009.10.13 02:26:07 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.resources.dll
MOD - [2009.06.17 12:40:16 | 007,745,536 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LightScribe\QtGui4.dll
MOD - [2009.06.17 12:40:16 | 002,121,728 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LightScribe\QtCore4.dll
MOD - [2009.06.17 12:40:16 | 000,135,168 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2008.02.22 11:22:32 | 000,055,792 | ---- | M] () -- C:\windows\system32\DLAAPI_W.DLL
MOD - [2007.11.27 17:41:06 | 000,114,688 | ---- | M] () -- C:\windows\system32\aicext.dll
MOD - [2006.07.10 10:53:08 | 000,872,448 | ---- | M] () -- C:\windows\SMINST\Scheduler.exe
MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- C:\windows\system32\pdfcmnnt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\004432~1.EXE C:\PROGRA~1\GEMEIN~1\McAfee\INSTAL~1\cleanup.ini -- (0044321259253414mcinstcleanup) McAfee Application Installer Cleanup (0044321259253414)
SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.10.09 17:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.07.22 09:03:02 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.07.13 11:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Programme\Cobian Backup 10\cbService.exe -- (CobianBackup10)
SRV - [2010.07.13 11:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Programme\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2009.12.16 17:44:36 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\windows\system32\hasplms.exe -- (hasplms)
SRV - [2009.10.13 02:45:46 | 000,156,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\imapihp.exe -- (ImapiService)
SRV - [2009.06.17 13:21:20 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009.02.11 23:01:06 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.01.28 14:15:16 | 000,186,640 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2009.01.28 14:15:10 | 000,149,776 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.10.14 16:59:10 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.10.03 13:33:12 | 001,185,016 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.10.01 15:01:14 | 000,256,544 | ---- | M] (SafeBoot International) [Auto | Running] -- C:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.08.06 15:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\windows\system32\flcdlock.exe -- (FLCDLOCK)
SRV - [2008.07.19 20:40:59 | 002,054,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2008.07.19 20:40:53 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2007.11.27 17:42:14 | 000,185,896 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Programme\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.06 14:31:14 | 000,887,544 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006.11.01 12:17:32 | 000,073,728 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.03 08:11:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.07.03 08:09:42 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{961BECB4-9616-4502-B6E7-E4384E02398A}\MpKsl9fef4e7f.sys -- (MpKsl9fef4e7f)
DRV - [2011.09.07 10:18:26 | 000,059,776 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2009.12.09 22:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\windows\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2009.08.20 08:01:50 | 000,356,864 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\windows\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2009.05.15 18:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009.05.15 18:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009.05.15 18:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009.05.15 18:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009.05.15 18:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009.03.13 12:55:26 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2008.11.26 19:20:38 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008.10.24 20:32:24 | 000,149,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\e1k5132.sys -- (e1kexpress) Intel(R)
DRV - [2008.10.19 10:19:05 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\windows\system32\drivers\WibuKey.sys -- (WIBUKEY)
DRV - [2008.10.01 15:02:04 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.10.01 15:02:02 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.10.01 15:02:00 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.10.01 15:01:58 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.08.06 14:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2008.07.19 20:40:47 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2008.04.14 02:04:34 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2008.04.14 02:04:32 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2008.04.14 02:04:30 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2008.04.14 02:04:30 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2008.04.14 02:04:30 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2008.04.14 02:04:30 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2008.04.14 02:04:30 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2008.04.14 02:04:30 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2008.04.14 02:04:28 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2008.04.14 02:04:28 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2008.04.14 02:04:28 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2008.04.14 02:04:28 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2008.04.14 02:04:28 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2008.04.14 02:04:28 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2008.04.14 02:04:28 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2008.03.28 20:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008.02.22 11:22:52 | 000,009,168 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2008.02.22 11:22:38 | 000,094,384 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2008.02.22 11:22:38 | 000,034,832 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2008.02.22 11:22:36 | 000,097,584 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2008.02.22 11:22:36 | 000,026,032 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2008.02.22 11:22:34 | 000,032,208 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2008.02.22 11:22:34 | 000,014,256 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2008.02.22 11:22:32 | 000,104,240 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\windows\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.12.18 19:46:34 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\windows\system32\drivers\regi.sys -- (regi)
DRV - [2007.02.08 21:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\windows\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.02.08 21:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\windows\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006.11.22 11:01:48 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2002.04.04 16:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\windows\system32\drivers\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.25 08:59:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Programme\SiteAdvisor\6173\FF\
[2012.06.25 09:00:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Extensions
[2012.07.03 08:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Firefox\Profiles\vspuk9cz.default\extensions
[2012.06.25 09:04:04 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Firefox\Profiles\vspuk9cz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.06.25 09:04:04 | 000,000,000 | ---D | M] (Ghostery) -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Firefox\Profiles\vspuk9cz.default\extensions\firefox@ghostery.com
[2012.07.03 08:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Firefox\Profiles\vspuk9cz.default\extensions\staged
[2012.06.25 08:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.25 09:04:04 | 000,525,301 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\STANDARD\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VSPUK9CZ.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.04.14 11:00:00 | 000,000,820 | ---- | M]) - C:\windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Programme\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No CLSID value found.
O3 - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\..\Toolbar\WebBrowser: (no name) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] C:\Programme\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Programme\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [CognizanceTS] C:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [picon] C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PTHOSTTR] C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Recguard] C:\windows\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\windows\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Programme\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [Scheduler] C:\windows\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Programme\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [LightScribe Control Panel] C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-692657690-1026793429-2475828347-1009..\Run: [LightScribe Control Panel] C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-692657690-1026793429-2475828347-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B879D06-B03A-4FC1-8BAF-351BCE51440D}: NameServer = 195.3.96.67,195.3.96.68
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\windows\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - (C:\WINDOWS\system32\ackpbsc.dll) - C:\windows\system32\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - (C:\Programme\ActivIdentity\ActivClient\acunlock.dll) - C:\Programme\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - File not found
O20 - Winlogon\Notify\OneCard: DllName - (C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll) - C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.07 12:11:41 | 000,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004.04.30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.03 08:10:48 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.07.03 08:09:32 | 000,118,784 | ---- | C] (SoftThinks) -- C:\WINDOWS\System32\chg.exe
[2012.06.25 09:39:57 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Standard\Desktop\OTL.exe
[2012.06.25 08:59:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.06.25 08:59:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla
[2012.06.25 08:59:43 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.06.25 08:59:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.06.25 08:59:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.06.25 08:58:33 | 016,420,744 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Standard\Desktop\Firefox Setup 13.0.1.exe
[2012.06.22 00:42:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mnrvdmxilcwjniu
[2012.06.13 08:35:38 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.06.08 10:23:53 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.03 08:14:00 | 000,531,410 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.03 08:14:00 | 000,505,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.03 08:14:00 | 000,106,872 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.03 08:14:00 | 000,089,284 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.03 08:11:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.07.03 08:11:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.03 08:09:32 | 000,118,784 | ---- | M] (SoftThinks) -- C:\WINDOWS\System32\chg.exe
[2012.07.03 08:09:31 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.03 08:08:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.03 08:03:00 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\l_u0_0.pad
[2012.07.03 08:02:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.28 10:31:37 | 000,000,161 | ---- | M] () -- C:\WINDOWS\dcramm.ini
[2012.06.27 08:50:32 | 000,000,181 | ---- | M] () -- C:\WINDOWS\dcbaug.ini
[2012.06.26 17:41:24 | 000,000,181 | ---- | M] () -- C:\WINDOWS\dcsick.ini
[2012.06.25 10:11:03 | 000,125,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Microsoft Security Essentials.JPG
[2012.06.25 09:40:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Standard\Desktop\OTL.exe
[2012.06.25 08:59:06 | 016,420,744 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Standard\Desktop\Firefox Setup 13.0.1.exe
[2012.06.25 08:31:10 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.22 00:42:49 | 000,000,052 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sdrcamuzxmisdwi
[2012.06.14 08:06:02 | 000,398,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.13 21:48:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.08 12:19:38 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.08 10:38:31 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\925#!~.pad
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.03 02:19:08 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\l_u0_0.pad
[2012.06.25 10:11:02 | 000,125,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Microsoft Security Essentials.JPG
[2012.06.25 08:59:45 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.06.25 08:31:10 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.06.25 08:31:10 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.22 00:42:45 | 000,000,052 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sdrcamuzxmisdwi
[2012.06.07 02:11:36 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\925#!~.pad
[2012.02.16 13:41:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.07 13:13:55 | 000,074,764 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.09.12 10:23:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.07.22 20:23:10 | 001,223,376 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-692657690-1026793429-2475828347-1009-0.dat
[2011.07.22 20:23:10 | 000,360,790 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.07.22 09:03:21 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2011.05.05 18:07:21 | 000,045,769 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\.jose.user.preferences
[2011.05.02 18:23:35 | 000,296,089 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2011.04.01 14:51:50 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011.04.01 14:51:50 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2011.04.01 14:51:49 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2011.01.11 10:46:59 | 000,339,456 | ---- | C] () -- C:\WINDOWS\System32\TX32.DLL
[2011.01.11 10:46:58 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\CSAPISTB.DLL
[2011.01.11 10:46:58 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\IC32.INI
[2010.11.30 13:45:52 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\KOAZ8J_L.DLL
[2010.11.22 17:47:34 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcwink.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcvibro.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcuntf.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcsick.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcsetz.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcpfahl.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcnagel.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcinteg.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcgrub.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcgeotex.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcfund.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcboes.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcbaug.ini
[2010.11.08 13:06:34 | 000,000,181 | ---- | C] () -- C:\WINDOWS\dcabsk.ini
[2010.02.16 08:54:37 | 000,008,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\PAV_FOG.OPC
[2009.11.30 15:26:16 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== LOP Check ==========
[2009.11.27 03:23:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SampleView
[2012.02.10 15:47:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2012.06.22 00:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mnrvdmxilcwjniu
[2011.05.23 11:57:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\nC01811BdDjH01811
[2011.01.21 11:25:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nitro PDF
[2009.12.02 18:19:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security
[2010.03.15 12:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PDF Writer
[2009.11.27 03:23:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011.11.07 12:16:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.11.27 03:23:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\SampleView
[2011.09.26 10:42:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Acuw
[2012.02.10 15:47:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Autodesk
[2011.01.21 11:24:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Downloaded Installations
[2011.02.11 09:56:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\GetRightToGo
[2011.01.27 02:46:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Nitro PDF
[2009.12.02 18:19:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Panda Security
[2010.03.15 12:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\PDF Writer
[2012.04.25 18:32:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\PriceGong
[2012.03.26 14:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\QuickScan
[2009.11.27 03:23:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\SampleView
[2011.09.22 21:48:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Saol
[2011.11.04 12:07:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\TeamViewer
========== Purity Check ==========
< End of report >
Etras: Code:
OTL Extras logfile created on: 03.07.2012 08:15:12 - Run 3
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Dokumente und Einstellungen\Standard\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1,93 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 57,86% Memory free
4,68 Gb Paging File | 4,02 Gb Available in Paging File | 85,96% Paging File free
Paging file location(s): C:\pagefile.sys 2965 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 216,87 Gb Total Space | 171,87 Gb Free Space | 79,25% Space Free | Partition Type: NTFS
Drive D: | 16,00 Gb Total Space | 11,85 Gb Free Space | 74,06% Space Free | Partition Type: NTFS
Drive S: | 135,66 Gb Total Space | 1,54 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Drive X: | 135,66 Gb Total Space | 1,54 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Computer Name: HP46822210828 | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-692657690-1026793429-2475828347-1009\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- C:\Programme\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Ö&ffnen als mb-Projekt] -- C:\mb2009\bin\PMVERS~1.EXE "%1" (mb AEC Software GmbH)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1947:TCP" = 1947:TCP:*:Enabled:HASP SRM
"1947:UDP" = 1947:UDP:*:Enabled:HASP SRM
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\WINDOWS\system32\hasplms.exe" = C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM -- (SafeNet Inc.)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\windows\explorer.exe" = C:\windows\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06D3BAA7-8C97-4FF6-9F7B-99705BAC2169}" = Credential Manager for HP ProtectTools
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{39A89121-CFCE-44EF-9DCD-2FE70124BED6}" = DC-Bodenmechanik
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{47E8611A-9CC0-4367-BAF3-2B6A911BA1B7}" = Ing+ 2009
"{485D80AA-AFD9-4FF1-91D4-A44978B99F3D}" = AuthenTec Fingerprint System
"{4921DACF-4937-4E5E-AC49-7C58803399D3}_is1" = ZFG-3000 2.0.0.4
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5783F2D7-A001-0407-0002-0060B0CE6BBA}" = AutoCAD 2012 - Deutsch
"{5783F2D7-A001-0407-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Deutsch
"{5783F2D7-A009-0407-0002-0060B0CE6BBA}" = AutoCAD LT 2012 - Deutsch
"{5783F2D7-A009-0407-1002-0060B0CE6BBA}" = AutoCAD LT 2012 Language Pack - Deutsch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5F19F151-A85C-4485-8D56-C13E01E7B815}" = HP ProtectTools Security Manager
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6B21C4FD-B224-4599-A9BC-F565FDB90301}" = HP JavaCard for HP ProtectTools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0
"{78584C1B-8F7B-4B24-80D1-02B309F67AB3}" = Privacy Manager for HP ProtectTools
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B070BE0-4A7E-4914-8DF4-D5F1B3F9ED0E}" = Plaxis 8.x
"{7BD0BA37-109F-44ED-A2B6-1E93F04D6EBC}" = AutoCAD 2012 VBA Enabler
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4706C42-AA81-11D4-8C36-0080ADA77FA7}" = AUER Offert
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBAB02D4-9444-405B-A920-53CBA8F8D055}" = Plaxis 8.6
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012
"{E6272A04-665C-4E7D-A6BA-EAF4C6C11B00}" = Drive Encryption for HP ProtectTools
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion Plugin for AutoCAD 2012
"{EDCD48C2-355F-4EC5-B168-E5A63C6BB072}" = Panda Antivirus Pro 2010
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F6CBE802-676B-4892-AC47-A6D8FC65D140}" = BIOS Configuration for HP ProtectTools
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F85B1A02-DCF9-4F04-977A-A412C877B517}" = DC-Grundbaustatik
"{FAF650B6-4A37-11D7-ACE3-00105A66859E}" = PlaxFlow
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"ACDSee 32" = ACDSee 32
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 5.0 Limited Edition" = Adobe Photoshop 5.0 Limited Edition
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AutoCAD 2012 - Deutsch" = AutoCAD 2012 - Deutsch
"AutoCAD LT 2012 - Deutsch" = AutoCAD LT 2012 - Deutsch
"AutoCAD LT 2012 - Deutsch SP1" = AutoCAD LT 2012 - Deutsch SP1
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion Plugin for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1159
"CobBackup10" = Cobian Backup 10
"Freeware.de Toolbar" = Freeware.de Toolbar
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Hardlock Device Drivers" = Hardlock Device Drivers
"Hardlock Gerätetreiber" = Hardlock Gerätetreiber
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"Kyocera FS-C5100DN/FS-C5200DN/FS-C5300DN Product Library" = Kyocera FS-C5100DN/FS-C5200DN/FS-C5300DN Product Library
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PROHYBRIDR" = 2007 Microsoft Office system
"ST6UNST #1" = HSeil
"ST6UNST #2" = KEPP - Knickbemessung elastoplastisch gebetteter Pfähle
"ST6UNST #3" = ELGEB
"ST6UNST #4" = ELGEB (C:\Programme\ELGEB\)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZFG2000" = ZFG 2000
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.03.2012 03:41:32 | Computer Name = HP46822210828 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5844
Error - 26.03.2012 03:41:50 | Computer Name = HP46822210828 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 26.03.2012 03:41:50 | Computer Name = HP46822210828 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1938
Error - 26.03.2012 03:41:50 | Computer Name = HP46822210828 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1938
Error - 26.03.2012 04:02:05 | Computer Name = HP46822210828 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung smax4pnp.exe, Version 6.0.32.165, fehlgeschlagenes
Modul smax4pnp.exe, Version 6.0.32.165, Fehleradresse 0x000160a4.
Error - 27.03.2012 14:36:48 | Computer Name = HP46822210828 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung acadlt.exe, Version 24.2.107.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 02.04.2012 01:47:47 | Computer Name = HP46822210828 | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.6612.1000, stamp 4e725e75,
faulting module koaz8j_x.dll, version 1.0.0.1, stamp 4b94543e, debug? 0, fault
address 0x0001c659.
Error - 02.04.2012 01:48:37 | Computer Name = HP46822210828 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung WINWORD.EXE, Version 12.0.6612.1000, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 06.04.2012 04:30:58 | Computer Name = HP46822210828 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung DCNagel.exe, Version 3.2.4.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 06.04.2012 04:31:47 | Computer Name = HP46822210828 | Source = MsiInstaller | ID = 11706
Description =
[ OSession Events ]
Error - 15.12.2009 07:04:40 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 608
seconds with 600 seconds of active time. This session ended with a crash.
Error - 09.04.2011 05:15:03 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6546.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.
Error - 19.04.2011 15:08:49 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 289
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.12.2011 06:46:44 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 187
seconds with 60 seconds of active time. This session ended with a crash.
Error - 21.12.2011 06:47:08 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.04.2012 01:47:45 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 130
seconds with 120 seconds of active time. This session ended with a crash.
Error - 23.05.2012 14:35:53 | Computer Name = HP46822210828 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Dienst "Bonjour"" ist vom Dienst "TCP/IP-Protokolltreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 03.07.2012 02:06:57 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD Fips intelppm IPSec mfehidk mfetdik MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss RsvLock Tcpip
Error - 03.07.2012 02:07:31 | Computer Name = HP46822210828 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 03.07.2012 02:08:12 | Computer Name = HP46822210828 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 03.07.2012 02:11:07 | Computer Name = HP46822210828 | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Autodesk Content Service" wurde nicht ordnungsgemäß gestartet.
Error - 03.07.2012 02:11:08 | Computer Name = HP46822210828 | Source = DCOM | ID = 10010
Description = Der Server "{0590AEC3-61EF-4C31-AAED-734A4E619247}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
Hat sich erledigt. Trotzdem danke! |
