eddiethehead | 05.04.2014 16:24 | Hallo Sandra,
vielen Dank, dass Du Dir die Zeit nimmst, mir zu helfen.
Hier die Inhalte der beiden Textdateien:
OTL Code:
OTL logfile created on: 4/6/2014 6:13:06 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 276.88 Gb Free Space | 92.89% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (JavaQuickStarterService)
SRV - [2014/03/29 18:10:48 | 000,180,224 | ---- | M] (Haarlems Dagblad, Inc) [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\9x49jx.gsa -- (winmgmt)
SRV - [2014/03/14 01:23:02 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/03/14 01:22:48 | 001,017,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2014/03/14 01:22:44 | 000,896,592 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2014/03/14 01:22:43 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 06:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2006/07/25 04:48:30 | 000,613,376 | ---- | M] () [Auto] -- C:\Programme\Packard Bell\SrvCDEject.exe -- (SrvCDEject)
SRV - [2006/06/21 15:36:50 | 000,032,768 | ---- | M] (Softex Inc.) [Auto] -- C:\APPS\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2005/10/20 01:15:00 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- (USBDeviceService)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/01/31 04:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/12/05 03:58:36 | 000,314,424 | ---- | M] (Eastman Kodak Company) [Auto] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/02/04 02:22:30 | 000,181,312 | ---- | M] () [Auto] -- C:\WINDOWS\system32\ScsiAccess.EXE -- (ScsiAccess)
SRV - [2001/11/12 08:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | System] -- -- (tpwucbza)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (ogaplfir)
DRV - File not found [Kernel | System] -- -- (MpKslff622f3b)
DRV - File not found [Kernel | System] -- -- (MpKslff1818f4)
DRV - File not found [Kernel | System] -- -- (MpKsld3d291c7)
DRV - File not found [Kernel | System] -- -- (MpKslce95ac18)
DRV - File not found [Kernel | System] -- -- (MpKslcb049427)
DRV - File not found [Kernel | System] -- -- (MpKslb4b27b29)
DRV - File not found [Kernel | System] -- -- (MpKslb4645804)
DRV - File not found [Kernel | System] -- -- (MpKsla80b8245)
DRV - File not found [Kernel | System] -- -- (MpKsl7ecb664a)
DRV - File not found [Kernel | System] -- -- (MpKsl61514588)
DRV - File not found [Kernel | System] -- -- (MpKsl5fd3a8d1)
DRV - File not found [Kernel | System] -- -- (MpKsl5bd9148c)
DRV - File not found [Kernel | System] -- -- (MpKsl2372468e)
DRV - File not found [Kernel | System] -- -- (MpKsl17ae5a93)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (jqhtjwnv)
DRV - File not found [Kernel | System] -- -- (iseghspr)
DRV - File not found [Kernel | System] -- -- (dyvfpurr)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/12/19 04:49:50 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/19 04:49:50 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/11/26 01:22:18 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/12/17 15:11:34 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006/10/30 16:05:33 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/07/18 16:07:56 | 001,675,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/06/21 15:21:46 | 000,130,048 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2006/05/29 07:03:00 | 000,006,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaidexp.sys -- (ViaIde)
DRV - [2006/05/16 11:32:58 | 004,275,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/28 10:34:00 | 000,882,688 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/11/28 05:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005/09/23 10:38:44 | 000,316,928 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETFRITZ.SYS -- (NETFRITZ)
DRV - [2004/11/23 19:00:00 | 000,548,864 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fpcibase.sys -- (fpcibase)
DRV - [2004/11/23 19:00:00 | 000,053,248 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmcowan.sys -- (AVMCOWAN)
DRV - [2003/12/05 04:00:14 | 000,148,529 | ---- | M] (Eastman Kodak Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2003/12/05 03:48:34 | 000,068,182 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2003/12/05 03:40:20 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/11/16 13:50:06 | 000,038,737 | ---- | M] (Eastman Kodak Company) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2003/09/30 12:00:08 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2003/09/30 11:59:14 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 06:13:48 | 000,037,568 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmwan.sys -- (AVMWAN)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\ger.htm
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\*****_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\*****_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\*****_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\*****_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\*****_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/03/07 14:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/04/19 15:41:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/30 11:49:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.7\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/03/10 06:15:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.7\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/12/31 12:21:53 | 000,000,000 | ---D | M]
[2011/02/09 10:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007/12/02 10:27:51 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/05/26 08:30:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/02/09 10:32:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2007/12/02 10:27:51 | 000,000,000 | ---D | M] (Google Settings) -- C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2007/12/02 10:27:54 | 000,000,000 | ---D | M] (Talkback) -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org
[2007/09/16 02:52:28 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2007/09/16 02:52:28 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2007/09/16 02:52:28 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2007/09/16 02:52:28 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2007/09/16 02:52:28 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2010/11/12 13:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2007/09/16 02:52:28 | 000,022,400 | ---- | M] (mozilla.org) -- C:\Programme\mozilla firefox\plugins\npnul32.dll
[2007/03/22 13:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL
[2006/12/17 23:18:30 | 000,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\mozilla firefox\plugins\nppdf32.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin2.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin3.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin4.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin5.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin6.dll
[2011/12/31 12:21:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin7.dll
[2006/08/24 17:07:50 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006/08/24 17:07:50 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2007/01/17 18:05:32 | 000,002,368 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2006/11/10 07:42:00 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2006/11/10 18:32:03 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004/08/10 09:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\*****_ON_C\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\*****_ON_C\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\*****_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\*****_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Programme\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\*****_ON_C..\Run: [360Amigo] C:\Program files\360Amigo\360Amigo.exe (360Amigo)
O4 - HKU\*****_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\*****_ON_C..\Run: [Google Update] C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\Outlook Express.lnk = C:\Programme\Outlook Express\msimn.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\xj94x9.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\*****_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\office11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\office11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271702138093 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2014/03/29 18:10:48 | 000,180,224 | ---- | C] (Haarlems Dagblad, Inc) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9x49jx.gsa
[2014/03/29 17:38:08 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\*****\Recent
[2014/03/29 05:18:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/03/29 05:18:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/05 19:12:44 | 001,048,576 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2014/04/05 01:49:27 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2014/04/05 01:49:27 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2014/04/05 01:49:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/05 01:49:07 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\mhncache.dat
[2014/04/05 01:49:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2014/04/05 01:49:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2014/04/05 01:46:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014/04/05 01:46:46 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/05 01:06:12 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/05 01:06:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/03 02:35:33 | 003,407,872 | -H-- | M] () -- C:\Dokumente und Einstellungen\*****\NTUSER.DAT
[2014/04/03 02:27:27 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-424064516-3807386155-3977451521-1005UA.job
[2014/04/03 01:59:03 | 000,002,752 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\DME-SETTINGS.xml
[2014/04/03 01:59:03 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\DMEPeriodicTask.job
[2014/04/03 01:52:07 | 095,027,928 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xj94x9.bbr
[2014/04/03 01:52:02 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/03 01:52:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
[2014/03/29 18:10:51 | 000,000,799 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\xj94x9.lnk
[2014/03/29 18:10:48 | 000,180,224 | ---- | M] (Haarlems Dagblad, Inc) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9x49jx.gsa
[2014/03/29 17:37:24 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/03/29 05:21:52 | 000,002,434 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/29 05:21:52 | 000,002,416 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Google Chrome.lnk
[2014/03/14 09:18:25 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/08 04:24:01 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-424064516-3807386155-3977451521-1005Core.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/03 01:36:09 | 2145,898,496 | -HS- | C] () -- C:\hiberfil.sys
[2014/03/29 18:10:51 | 000,000,799 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Autostart\xj94x9.lnk
[2014/03/29 18:10:49 | 095,027,928 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xj94x9.bbr
[2014/03/29 17:27:53 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
[2014/03/29 17:27:52 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2012/03/28 04:12:58 | 000,000,098 | ---- | C] () -- C:\WINDOWS\System32\mhncache.dat
[2012/02/15 12:16:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/02 17:38:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Workflows
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Woodwinds
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Woodwind
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Widgets
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\designjet
[2011/12/31 12:22:31 | 000,000,268 | RH-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\business-inkjet
[2011/12/31 12:22:31 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLev.DAT
[2011/12/31 12:22:31 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLet.DAT
[2011/12/31 12:22:31 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLes.DAT
[2011/12/31 12:22:31 | 000,000,012 | RH-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vhosts
[2011/10/15 02:54:19 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/09/30 11:35:41 | 000,179,391 | ---- | C] () -- C:\WINDOWS\hpoins38.dat
[2010/09/30 11:35:41 | 000,000,622 | ---- | C] () -- C:\WINDOWS\hpomdl38.dat
[2010/06/29 06:50:55 | 000,075,240 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010/04/10 07:43:28 | 000,000,130 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/04/10 07:36:42 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/05/14 06:21:52 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2007/12/02 09:34:39 | 000,011,776 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/27 11:53:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/04/27 10:41:15 | 000,113,618 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007/04/27 10:41:15 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007/04/15 10:55:29 | 005,913,880 | -H-- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2007/04/15 10:55:29 | 000,074,472 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2007/04/15 10:55:29 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/04/15 10:55:28 | 003,407,872 | -H-- | C] () -- C:\Dokumente und Einstellungen\*****\NTUSER.DAT
[2007/04/15 10:55:28 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\*****\ntuser.ini
[2007/04/15 10:55:13 | 003,227,760 | -H-- | C] () -- C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2007/04/15 10:55:13 | 000,074,472 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2007/04/15 10:55:13 | 000,000,146 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/10/30 16:34:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/30 16:18:31 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/30 16:12:59 | 000,000,626 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2006/10/30 16:08:23 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/10/30 16:06:27 | 000,006,929 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2006/10/30 16:04:51 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/10/30 15:53:13 | 000,075,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2006/10/30 15:51:01 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2006/10/30 15:49:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006/10/30 15:49:06 | 000,559,104 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2006/10/30 15:49:06 | 000,294,912 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2006/10/30 15:49:06 | 000,244,736 | ---- | C] () -- C:\WINDOWS\CDCtr.exe
[2006/10/30 15:48:36 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2006/10/30 15:48:34 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/10/30 15:48:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/10/30 15:47:35 | 000,129,084 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/10/30 15:43:29 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/07/26 03:57:34 | 000,006,741 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/29 08:58:52 | 000,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 08:53:56 | 000,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 09:39:28 | 000,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 09:39:28 | 000,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/01/12 06:23:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/17 10:44:55 | 001,930,896 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2005/10/17 10:35:22 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2005/10/17 10:35:20 | 001,048,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2005/10/17 10:34:53 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2005/10/17 10:34:53 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2005/10/17 10:34:52 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2005/10/17 10:34:52 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2005/10/17 10:33:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/10/17 10:28:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2005/10/17 10:25:47 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2005/10/17 10:25:37 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2005/10/17 10:22:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/17 10:22:06 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2005/10/17 10:22:06 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2005/10/17 10:20:19 | 000,027,055 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2005/10/17 10:20:18 | 000,003,999 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2005/10/17 10:15:24 | 001,026,018 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2005/10/17 10:15:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/10/17 10:13:48 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/17 10:00:46 | 000,459,586 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005/10/17 10:00:46 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005/10/17 10:00:46 | 000,084,968 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005/10/17 10:00:46 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005/10/17 10:00:44 | 000,071,022 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2005/10/17 10:00:14 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2005/10/17 10:00:14 | 000,000,628 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/10/17 10:00:12 | 000,001,157 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2005/10/17 10:00:10 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2005/10/17 10:00:09 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2005/10/17 10:00:09 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/10/17 10:00:04 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2005/10/17 10:00:03 | 000,011,903 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2005/10/17 10:00:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2005/10/17 10:00:03 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/10/17 10:00:02 | 000,291,840 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2005/10/17 10:00:02 | 000,017,241 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2005/10/17 10:00:01 | 000,003,358 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2005/10/17 10:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2005/10/17 10:00:00 | 000,014,060 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2005/10/17 10:00:00 | 000,006,287 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2005/10/17 10:00:00 | 000,000,369 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2005/10/17 09:59:59 | 000,004,233 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2005/10/17 09:59:58 | 000,441,750 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/10/17 09:59:58 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/10/17 09:59:58 | 000,071,686 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/10/17 09:59:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/10/17 09:59:58 | 000,004,613 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/10/17 09:59:58 | 000,004,438 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2005/10/17 09:59:58 | 000,001,783 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2005/10/17 09:59:56 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/10/17 09:59:55 | 000,003,262 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2005/10/17 09:59:54 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2005/10/17 09:59:54 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2005/10/17 09:59:54 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2005/10/17 09:59:54 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2005/10/17 09:59:54 | 000,034,032 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2005/10/17 09:59:54 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2005/10/17 09:59:54 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2005/10/17 09:59:54 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2005/10/17 09:59:54 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2005/10/17 09:59:54 | 000,027,914 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2005/10/17 09:59:53 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/10/17 09:59:52 | 000,007,084 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2005/10/17 09:59:52 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2005/10/17 09:59:45 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2005/10/17 09:59:45 | 000,021,542 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2005/10/17 09:59:45 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2005/10/17 09:59:45 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2005/10/17 09:59:45 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2005/10/17 09:59:41 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/10/17 09:59:41 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/10/17 09:59:41 | 000,039,546 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2005/10/17 09:59:40 | 000,001,273 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2005/10/17 09:59:39 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2005/10/17 09:59:39 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2005/10/17 09:59:38 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2005/10/17 09:59:38 | 000,014,816 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2005/10/17 09:59:34 | 000,019,726 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2005/10/17 09:59:34 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2005/10/17 09:59:32 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2005/10/17 09:59:32 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2005/10/17 09:59:32 | 000,008,584 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2005/10/17 09:59:32 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2005/10/17 09:59:31 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/10/17 09:59:31 | 000,013,026 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2005/10/17 09:59:25 | 000,054,128 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2005/10/17 09:59:24 | 000,021,210 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2005/10/17 09:59:24 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/10/17 09:59:23 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2005/10/17 09:59:22 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2005/10/17 09:59:22 | 000,052,777 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2005/10/17 09:59:21 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2005/10/17 09:59:18 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2005/10/17 09:59:18 | 000,012,610 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2005/10/17 09:59:18 | 000,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2005/08/05 09:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/17 00:41:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003/02/04 02:22:30 | 000,181,312 | ---- | C] () -- C:\WINDOWS\System32\ScsiAccess.EXE
[2001/08/17 23:54:50 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001/08/17 23:54:08 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001/07/06 09:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000/09/08 09:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2006/10/30 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2011/03/09 17:34:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TeamViewer
[2010/04/19 13:42:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\.#
[2012/12/17 15:18:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\AskToolbar
[2014/03/29 18:11:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\CallingID
[2012/09/12 11:26:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\ElevatedDiagnostics
[2011/02/25 11:08:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Enho
[2007/04/27 11:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\FRITZ!
[2010/09/29 04:07:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Image Zone Express
[2013/03/06 01:16:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Isyrz
[2013/03/03 07:46:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Kuve
[2012/01/02 17:38:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Nikon
[2010/11/17 13:51:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Norman
[2011/03/10 09:06:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\QuickScan
[2010/03/08 15:17:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\T-Online
[2012/03/28 03:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\TeamViewer
[2010/04/10 08:05:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Ulead Systems
[2011/02/14 14:38:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Uxak
[2010/04/28 12:14:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\VadeRetro
[2013/03/03 08:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Vuuzis
[2011/12/31 12:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Chiller
[2011/12/31 12:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ColorSync
[2011/12/31 12:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp
[2007/04/15 10:58:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2012/01/01 10:04:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nikon
[2006/10/30 16:15:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc
[2011/02/09 10:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2006/10/30 16:15:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2011/12/31 12:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15
[2011/03/09 11:22:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VadeRetro
[2006/10/30 16:05:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2013/02/08 12:08:20 | 000,003,301 | ---- | M] () -- C:\WINDOWS\Tasks\apc.cache
[2014/04/03 01:59:03 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Tasks\DMEPeriodicTask.job
[2014/04/03 01:52:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
[2014/03/29 17:37:24 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/04/05 01:49:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013/09/13 08:34:40 | 097,463,612 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\顾L
[2013/09/13 08:34:40 | 097,463,612 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\顾L
[2013/09/06 08:47:52 | 096,334,488 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㆛ᖛL
[2013/09/06 08:47:52 | 096,334,488 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㆛ᖛL
========== Alternate Data Streams ==========
@Alternate Data Stream - 106 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report > Extras Code:
OTL Extras logfile created on: 4/6/2014 6:13:06 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 276.88 Gb Free Space | 92.89% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet003
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 122945536
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\APPS\AOL 9.0\waol.exe" = C:\APPS\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
"C:\Programme\AOL 9.0 VR\waol.exe" = C:\Programme\AOL 9.0 VR\waol.exe:*:Enabled:AOL 9.0 VR
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\HP Software Update\HPWUCli.exe" = C:\Programme\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe" = C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (America Online, Inc.)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Enabled:backWeb-7288971 -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\APPS\skype\phone\Skype.exe" = C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}" = VCAMCEN
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2852AC2C-B2FC-4F4A-A573-D466C872E688}" = ATI Catalyst Control Center
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D6AF536-BD05-4FC9-B47B-BFAC5C52F799}" = ATNavigation
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6A57547D-4E32-4AA7-874E-6982B54BAAE4}" = AuthenTec Windows Fingerprint Software
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{78F79C84-BFD5-4D79-A07D-F39A3CF428DC}" = HLPIndex
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D49B1157-CC4B-48AF-A5A3-44C9FAEE175D}" = Inst5669
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}" = HLPCCTR
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 4.00.40
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"360Amigo" = 360Amigo System Speedup PRO
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Antivirus Premium
"CCleaner" = CCleaner
"FRITZ! 2.0" = AVM FRITZ!
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.7)" = Mozilla Firefox (2.0.0.7)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"X10Hardware" = X10 Hardware(TM)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\*****_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Google Chrome" = Google Chrome
< End of report > Viele Grüße,
Eddie |