Hier der OTL Text....
OTL Logfile: Code:
OTL logfile created on: 06.07.2012 18:01:41 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = D:\Virus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,36 Mb Total Physical Memory | 401,77 Mb Available Physical Memory | 39,61% Memory free
2,38 Gb Paging File | 1,68 Gb Available in Paging File | 70,55% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,33 Gb Total Space | 28,87 Gb Free Space | 40,48% Space Free | Partition Type: NTFS
Drive D: | 71,84 Gb Total Space | 6,43 Gb Free Space | 8,96% Space Free | Partition Type: FAT32
Computer Name: ACER-747B59264E | User Name: Monteur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.06 17:59:16 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Virus\OTL.exe
PRC - [2012.06.28 16:15:12 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.05.04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.03.18 12:35:49 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Temp\RtkBtMnt.exe
PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.07.01 21:34:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.21 07:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.01.21 19:05:02 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.02.23 11:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.17 19:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2007.07.04 11:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007.03.01 18:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.28 16:15:11 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.03.21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.12.08 22:30:39 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_73a0c243\mscorlib.dll
MOD - [2010.12.08 22:30:36 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6e71112c\system.drawing.dll
MOD - [2010.12.08 22:30:17 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_06b146aa\system.windows.forms.dll
MOD - [2010.12.08 22:30:09 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_fc85905d\system.dll
MOD - [2010.12.08 22:30:00 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010.01.28 13:59:50 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
MOD - [2007.08.10 12:43:58 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2007.08.10 12:43:58 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2007.08.10 12:43:58 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
MOD - [2007.08.10 12:43:56 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2007.07.04 11:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MOD - [2005.10.20 17:20:24 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2005.10.11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\uvxmbkxb.dll -- (wfsbsxkxj)
SRV - File not found [Auto | Stopped] -- C:\Programme\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\uvxmbkxb.dll -- (ousla)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.06.28 16:15:11 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.25 00:50:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.07.01 21:34:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.21 19:05:02 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2010.12.08 01:25:00 | 004,159,984 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.02.23 11:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2007.03.01 18:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\wqktbopa.sys -- (xukapatt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ulisa.sys -- (ulisa) Telekom ISDN-Adapter (USB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tsmpkt.sys -- (TSMPacket)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\GEMEIN~1\T-Com\DSLCheck\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\dtwmnic5.sys -- (dtwmnic5)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.01 21:34:30 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 21:34:30 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 16:05:15 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2007.12.10 17:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.12.10 17:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2007.12.10 17:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007.09.21 06:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.07.05 04:16:00 | 000,476,416 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007.05.30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.02.16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.12.22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\SearchScopes,DefaultScope = {658851C9-26FF-4702-8297-510A26C307D4}
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\SearchScopes\{658851C9-26FF-4702-8297-510A26C307D4}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2704262
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 145.254.22.10:8000
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer9: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer9: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011.05.09 08:17:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011.05.09 08:17:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.28 16:15:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.03 20:30:02 | 000,000,000 | ---D | M]
[2010.12.07 18:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Extensions
[2012.07.04 17:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Firefox\Profiles\i8uwltd9.default\extensions
[2010.12.14 20:32:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Firefox\Profiles\i8uwltd9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.06 16:33:51 | 000,000,000 | ---D | M] (FreeSoundRecorder Community Toolbar) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Firefox\Profiles\i8uwltd9.default\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b}
[2012.03.18 12:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.04 17:25:05 | 000,743,290 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONTEUR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\I8UWLTD9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.06.28 16:15:13 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\mozilla firefox\plugins\npmieze.dll
[2012.06.28 16:15:09 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.28 16:15:09 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.28 16:15:09 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.01 07:58:23 | 000,000,143 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\foxsearch.src
[2012.06.28 16:15:09 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.28 16:15:09 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.28 16:15:09 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.03.18 13:32:13 | 000,441,471 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15173 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-2749292441-3107483898-554129289-1008..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\phase-6 Reminder.lnk = C:\Programme\phase-6\phase-6\reminder\reminder.exe (phase-6)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\DSL-Manager.lnk = File not found
O4 - Startup: C:\Dokumente und Einstellungen\TEMP\Startmenü\Programme\Autostart\DSL-Manager.lnk = File not found
O4 - Startup: C:\Dokumente und Einstellungen\TEMP.ACER-747B59264E\Startmenü\Programme\Autostart\DSL-Manager.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291745055078 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAB51FB7-12AB-4306-9B5E-D1095E26253E}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5a4540b0-aa39-11df-b83b-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{5a4540b0-aa39-11df-b83b-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a4540b0-aa39-11df-b83b-001f3a6db58e}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{5f187887-c001-11df-b865-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{5f187887-c001-11df-b865-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5f187887-c001-11df-b865-001f3a6db58e}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{6852ef62-aaf8-11df-b83d-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{6852ef62-aaf8-11df-b83d-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6852ef62-aaf8-11df-b83d-001f3a6db58e}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{a0593a48-c60b-11dd-b71b-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{a0593a48-c60b-11dd-b71b-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a0593a48-c60b-11dd-b71b-001f3a6db58e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a0593a4b-c60b-11dd-b71b-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{a0593a4b-c60b-11dd-b71b-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a0593a4b-c60b-11dd-b71b-001f3a6db58e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b77fe586-aafa-11df-b83e-001f3a6db58e}\Shell - "" = AutoRun
O33 - MountPoints2\{b77fe586-aafa-11df-b83e-001f3a6db58e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b77fe586-aafa-11df-b83e-001f3a6db58e}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: BITS - File not found
NetSvcs: ousla - C:\WINDOWS\system32\uvxmbkxb.dll File not found
NetSvcs: wfsbsxkxj - C:\WINDOWS\system32\uvxmbkxb.dll File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe - (Acer Inc.)
MsConfig - StartUpReg: Acer ePresentation HPD - hkey= - key= - C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Boot - hkey= - key= - C:\Acer\Empowering Technology\ePower\Boot.exe ()
MsConfig - StartUpReg: CanonSolutionMenu - hkey= - key= - C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
MsConfig - StartUpReg: eLockMonitor - hkey= - key= - File not found
MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MsConfig - StartUpReg: eRecoveryService - hkey= - key= - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
MsConfig - StartUpReg: LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: SynTPStart - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: LanmanWorkstation - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: SharedAccess - File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A6978264-6987-5A17-F83A-786E5FBAFCC8} - Microsoft Windows Media Player
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C7592042-E471-DCA2-8658-D87088B41251} - Java (Sun)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.05 21:41:11 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.07.05 19:48:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Malwarebytes
[2012.07.05 19:48:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.07.05 19:48:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.05 19:48:34 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.05 19:48:34 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.07.04 21:43:04 | 000,335,504 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\TrufosAlt.sys
[2012.07.03 20:57:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\.minecraft
[2012.07.03 20:48:49 | 000,000,000 | ---D | C] -- C:\Intel
[2012.07.03 20:47:38 | 000,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab
[2012.07.03 20:47:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\SystemRequirementsLab
[2012.06.17 14:49:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Startmenü\Programme\VirtualDJ
[2012.06.17 14:49:20 | 000,000,000 | ---D | C] -- C:\Programme\VirtualDJ
[2012.06.17 14:49:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Eigene Dateien\VirtualDJ
[2012.06.14 22:04:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.06.14 22:04:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.06.14 22:03:16 | 000,000,000 | ---D | C] -- C:\Programme\Oracle
[2012.06.14 22:02:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Oracle
[2012.06.14 21:49:21 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Monteur\Recent
[2012.06.14 21:36:00 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.06 17:50:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.06 17:01:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.06 17:00:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.06 17:00:50 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.05 19:48:37 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 21:43:05 | 000,335,504 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\TrufosAlt.sys
[2012.07.04 20:52:09 | 000,278,561 | ---- | M] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\Minecraft.exe
[2012.07.03 21:47:06 | 000,099,328 | ---- | M] () -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.26 09:44:22 | 000,968,649 | ---- | M] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\CIMG3803.JPG
[2012.06.26 09:44:06 | 000,977,908 | ---- | M] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\CIMG3802.JPG
[2012.06.18 11:49:35 | 002,248,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.17 14:49:41 | 000,000,697 | ---- | M] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\VirtualDJ Home FREE.lnk
[2012.06.14 22:01:19 | 000,464,866 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.14 22:01:19 | 000,446,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.14 22:01:19 | 000,087,052 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.14 22:01:19 | 000,073,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.14 21:36:01 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.05 19:48:37 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 21:56:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\Installer\{ea60ef8a-55c1-d2c3-2435-e470d16629cb}\U\80000000.@
[2012.07.04 20:52:06 | 000,278,561 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\Minecraft.exe
[2012.07.03 22:43:26 | 000,001,696 | ---- | C] () -- C:\WINDOWS\Installer\{ea60ef8a-55c1-d2c3-2435-e470d16629cb}\U\00000001.@
[2012.07.03 20:49:04 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2012.07.03 20:49:03 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2012.07.03 20:49:03 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012.06.26 09:43:34 | 000,977,908 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\CIMG3802.JPG
[2012.06.26 09:43:34 | 000,968,649 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\CIMG3803.JPG
[2012.06.17 14:49:41 | 000,000,697 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Desktop\VirtualDJ Home FREE.lnk
[2012.06.14 21:58:06 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.14 21:36:01 | 000,000,658 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.04.16 20:32:42 | 000,786,432 | ---- | C] () -- C:\WINDOWS\System32\libhpdf.dll
[2012.04.16 20:23:04 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll
[2012.04.12 00:37:27 | 000,004,083 | ---- | C] () -- C:\WINDOWS\ProxyChecker.INI
[2011.12.14 22:03:07 | 000,013,661 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\.recently-used.xbel
[2011.12.13 21:21:17 | 000,035,802 | ---- | C] () -- C:\WINDOWS\p69-a6b-21159.dll
[2011.12.01 14:06:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.10.21 14:48:41 | 000,000,463 | ---- | C] () -- C:\WINDOWS\Capictrl.INI
[2011.10.08 12:38:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WINPHONE.INI
[2011.08.08 17:37:41 | 000,001,079 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2011.06.23 15:31:53 | 000,148,195 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\BookViewer.xap
[2011.06.23 14:32:16 | 000,002,828 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys
[2011.06.23 14:32:16 | 000,000,008 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\892AF36172.sys
[2011.06.21 10:21:48 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.06.21 10:21:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.06.16 19:25:05 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.06.16 00:41:38 | 000,401,576 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.01.29 14:28:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.01.29 14:28:08 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.01.29 14:27:54 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\$_hpcst$.hpc
[2010.09.12 19:53:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2009.04.07 09:34:05 | 000,099,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.17 18:42:56 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004.08.04 05:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{ea60ef8a-55c1-d2c3-2435-e470d16629cb}\@
[2004.08.04 05:00:00 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\Monteur\Lokale Einstellungen\Anwendungsdaten\{ea60ef8a-55c1-d2c3-2435-e470d16629cb}\@
========== LOP Check ==========
[2011.08.01 08:11:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2011.08.15 19:16:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitstream
[2012.04.25 08:48:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2011.03.11 11:08:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011.04.19 14:57:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2012.01.19 20:43:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2012.03.09 00:53:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011.01.29 14:30:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.10.23 11:25:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6
[2012.04.16 21:36:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SF
[2009.04.01 16:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2011.06.24 09:50:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010.09.13 17:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2008.03.15 10:55:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010.08.17 21:56:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Vodafone
[2012.07.03 21:08:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\.minecraft
[2011.06.16 18:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\advantage
[2012.02.07 20:13:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Anyd
[2012.03.18 21:16:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Atd
[2011.08.08 17:38:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Buhl Data Service
[2011.08.15 15:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Canon
[2012.01.12 20:35:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Cool Record Edit Pro
[2012.01.25 23:43:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\FileZilla
[2012.01.12 20:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Free Sound Recorder
[2011.07.18 10:12:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\GetRightToGo
[2011.12.13 21:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\gtk-2.0
[2011.08.01 07:59:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Gutscheinmieze
[2012.02.23 20:41:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\inkscape
[2011.10.17 21:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\IrfanView
[2012.03.09 01:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Nokia
[2012.06.14 22:02:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Oracle
[2011.01.29 14:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PC Suite
[2011.10.06 21:29:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Phase6
[2011.12.29 22:38:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PhotoScape
[2012.03.11 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PriceGong
[2011.01.29 14:27:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Samsung
[2012.02.08 19:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Sob
[2010.08.17 21:56:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.07.03 21:08:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\.minecraft
[2011.08.17 15:44:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Adobe
[2011.06.16 18:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\advantage
[2012.02.07 20:13:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Anyd
[2012.03.18 21:16:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Atd
[2011.06.29 19:21:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Avira
[2011.08.08 17:38:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Buhl Data Service
[2011.08.15 15:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Canon
[2012.01.12 20:35:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Cool Record Edit Pro
[2011.06.23 13:54:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Corel
[2009.04.07 11:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\CyberLink
[2011.05.22 20:59:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\DivX
[2011.11.05 14:35:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\dvdcss
[2012.01.25 23:43:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\FileZilla
[2012.01.12 20:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Free Sound Recorder
[2011.07.18 10:12:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\GetRightToGo
[2011.12.13 21:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\gtk-2.0
[2011.08.01 07:59:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Gutscheinmieze
[2012.03.18 14:39:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Identities
[2012.02.23 20:41:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\inkscape
[2008.03.15 10:55:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\InstallShield
[2011.10.17 21:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\IrfanView
[2012.01.30 12:49:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Macromedia
[2012.07.05 19:48:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Malwarebytes
[2012.06.17 14:49:43 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Microsoft
[2011.10.06 21:29:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Mozilla
[2012.01.19 20:43:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\NCH Software
[2012.03.09 01:01:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Nokia
[2012.06.14 22:02:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Oracle
[2011.01.29 14:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PC Suite
[2011.10.06 21:29:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Phase6
[2011.12.29 22:38:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PhotoScape
[2012.03.11 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\PriceGong
[2010.12.07 17:00:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Real
[2011.01.29 14:27:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Samsung
[2011.10.07 08:42:43 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\SecuROM
[2012.02.08 19:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Sob
[2009.02.24 14:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Sun
[2012.06.17 16:18:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\vlc
[2010.08.17 21:56:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Vodafone
[2009.04.07 09:31:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\WinRAR
< %APPDATA%\*.exe /s >
[2010.06.10 14:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Gutscheinmieze\uninstall.exe
[2011.04.06 18:19:55 | 002,872,992 | ---- | M] (Adobe Systems, Inc.) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.11.08 11:08:58 | 003,760,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011.08.24 19:19:48 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Dokumente und Einstellungen\Monteur\Anwendungsdaten\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: AHCIX86.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: AHCIX86S.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: ATAPI.SYS >
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: ENETHOOK.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: EVENTLOG.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: IASTOR.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2007.03.21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Programme\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007.03.21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2007.03.21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\iaStor.sys
[2007.03.21 12:59:30 | 000,381,720 | ---- | M] (Intel Corporation) MD5=9D7ED4275702E2FC409F2CC563245740 -- C:\Programme\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
< MD5 for: IASTORV.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: IDECHNDR.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: KR10N.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: LOGEVENT.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NETLOGON.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll
< MD5 for: NTELOGON.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NVATA.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NVATABUS.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NVGTS.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NVSTOR.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: NVSTOR32.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: SCECLI.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 05:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: SCECLT.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: USER32.DLL >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2004.08.04 05:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 05:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: VAXSCSI.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: VIAMRAID.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: VIASRAID.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: VIPRT.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: WININIT.EXE >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
< MD5 for: WINLOGON.EXE >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.04 05:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2010.12.07 22:50:48 | 001,517,606 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab: Invalid or corrupt .cab file
[2004.08.04 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004.09.06 10:30:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004.09.06 10:30:16 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.09.06 10:30:16 | 000,438,272 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< >
< End of report >
--- --- ---
[/code]
und hier noch, Ich weiss nicht obs wichtig ist, Extras.txt
OTL Logfile: Code:
OTL Extras logfile created on: 06.07.2012 18:01:42 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = D:\Virus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,36 Mb Total Physical Memory | 401,77 Mb Available Physical Memory | 39,61% Memory free
2,38 Gb Paging File | 1,68 Gb Available in Paging File | 70,55% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,33 Gb Total Space | 28,87 Gb Free Space | 40,48% Space Free | Partition Type: NTFS
Drive D: | 71,84 Gb Total Space | 6,43 Gb Free Space | 8,96% Space Free | Partition Type: FAT32
Computer Name: ACER-747B59264E | User Name: Monteur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2749292441-3107483898-554129289-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
jsfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mit Corel PaintShop Photo Pro X3 durchsuchen] -- "c:\Programme\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Pro X3
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B82157D3-6D31-4650-93B4-FC39BB08D6CE}" = AAVUpdateManager
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL
"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Free Sound Recorder_is1" = Free Sound Recorder v9.2.7
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IsoBuster_is1" = IsoBuster 2.8.5
"JDownloader" = JDownloader
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"phase-6" = phase-6 2.1.2.3b
"PhotoScape" = PhotoScape
"PROHYBRIDR" = 2007 Microsoft Office system
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.06.2012 12:50:02 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
Error - 02.07.2012 00:46:52 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung svchost.exe, Version 5.1.2600.5512, fehlgeschlagenes
Modul rpcss.dll, Version 5.1.2600.5755, Fehleradresse 0x0001f47c.
Error - 02.07.2012 00:53:16 | Computer Name = ACER-747B59264E | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BA von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 03.07.2012 06:50:02 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
Error - 03.07.2012 15:05:28 | Computer Name = ACER-747B59264E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 13.0.1.4548, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 03.07.2012 15:12:32 | Computer Name = ACER-747B59264E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 13.0.1.4548, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 04.07.2012 11:50:23 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
Error - 04.07.2012 12:50:22 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
Error - 04.07.2012 17:50:03 | Computer Name = ACER-747B59264E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
Error - 05.07.2012 15:40:25 | Computer Name = ACER-747B59264E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.60.0.80, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 06.07.2012 12:05:15 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:18 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:20 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:22 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:24 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:27 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:29 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:31 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:34 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
Error - 06.07.2012 12:05:36 | Computer Name = ACER-747B59264E | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
< End of report >
--- --- ---
Gruss Mike |
