maxtor6000 | 23.08.2010 17:46 | Ich hab den OTL-Scan noch mal durchlaufen lassen, da ich beim vorherigen keine Haken bei LOP und Purity gemacht habe, sowie nicht die empfohlenen manuellen Scans hinzugefügt hatte, weiß aber nicht, ob das relevant war?
Ferner ist mir aufgefallen, dass der Malware Scan leider kein Vollscan war...?
OTL: Code:
OTL logfile created on: 23.08.2010 18:33:21 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = D:\Backup 2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 565,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 6,83 Gb Total Space | 0,60 Gb Free Space | 8,83% Space Free | Partition Type: NTFS
Drive D: | 131,65 Gb Total Space | 9,74 Gb Free Space | 7,40% Space Free | Partition Type: NTFS
Drive E: | 76,32 Gb Total Space | 12,14 Gb Free Space | 15,90% Space Free | Partition Type: NTFS
Drive F: | 279,47 Gb Total Space | 6,54 Gb Free Space | 2,34% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CYVER
Current User Name: TomTom
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - D:\Backup 2\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\system\csrss.exe ()
PRC - D:\Programme\Miranda IM\miranda32.exe ( )
PRC - D:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - D:\Programme\Logitech\SetPointP\LBTWiz.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
PRC - D:\Programme\PicPick\picpick.exe ()
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - D:\Programme\RivaTuner v2.24\RivaTuner.exe ()
PRC - D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\avmclient\bluefritz.exe (AVM Berlin)
PRC - C:\Programme\avmclient\AvmObex.exe (AVM Berlin)
PRC - C:\Programme\avmclient\avmbtservice.exe (AVM Berlin)
PRC - C:\Programme\avmclient\AvmObexService.exe (AVM Berlin)
PRC - C:\Programme\avmclient\panapp.exe (AVM Berlin)
PRC - D:\Programme\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
PRC - C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
PRC - D:\Programme\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
PRC - D:\Programme\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
PRC - D:\Programme\FRITZ!\FriWeb32.exe (AVM Berlin)
PRC - D:\Programme\FRITZ!\IWatch.exe (AVM Berlin)
PRC - D:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
PRC - D:\Programme\Winamp\winamp.exe (Nullsoft)
PRC - D:\Programme\Winamp\winampa.exe ()
PRC - D:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe (HP)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\system32\slee503.exe ()
========== Modules (SafeList) ==========
MOD - D:\Backup 2\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - D:\Programme\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll ()
MOD - C:\WINDOWS\system32\CTAGENT.DLL (Creative Technology Ltd)
MOD - D:\Programme\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll ()
MOD - D:\Programme\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll ()
========== Win32 Services (SafeList) ==========
SRV - (NrConnmags) -- C:\WINDOWS\system\csrss.exe ()
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Macromedia Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (AVM BT Connection Service) -- C:\Programme\avmclient\avmbtservice.exe (AVM Berlin)
SRV - (AvmObexService) -- C:\Programme\avmclient\AvmObexService.exe (AVM Berlin)
SRV - (AVM BT PAN Service) -- C:\Programme\avmclient\panapp.exe (AVM Berlin)
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (HP Port Resolver) -- C:\WINDOWS\system32\hpbpro.exe (Hewlett-Packard Company)
SRV - (HP Status Server) -- C:\WINDOWS\system32\hpboid.exe (Hewlett-Packard Company)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SLEE_503_SERVICE) Steganos Live Encryption Engine (Version 503) -- C:\WINDOWS\system32\slee503.exe ()
========== Driver Services (SafeList) ==========
DRV - (LMouKE) -- C:\WINDOWS\System32\Drivers\LMouKE.sys File not found
DRV - (BTWUSB) -- C:\WINDOWS\System32\Drivers\btwusb.sys File not found
DRV - (btwmodem) -- C:\WINDOWS\System32\DRIVERS\btwmodem.sys File not found
DRV - (btwhid) -- C:\WINDOWS\System32\DRIVERS\btwhid.sys File not found
DRV - (BTDriver) -- C:\WINDOWS\System32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- C:\WINDOWS\System32\drivers\btaudio.sys File not found
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (DFUBTUSB) -- C:\WINDOWS\system32\drivers\frmupgr.sys (Broadcom Corporation.)
DRV - (RivaTuner32) -- D:\Programme\RivaTuner v2.24\RivaTuner32.sys ()
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (bfhubase) -- C:\WINDOWS\system32\drivers\bfhubase.sys (AVM Berlin)
DRV - (CAPI_CIP) -- C:\WINDOWS\system32\drivers\capi_cip.sys (AVM Berlin)
DRV - (AVMBTPARALLEL) -- C:\WINDOWS\system32\drivers\avmbtpar.sys (AVM GmbH)
DRV - (AVMBTSERIAL) -- C:\WINDOWS\system32\drivers\avmbtser.sys (AVM GmbH)
DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH)
DRV - (AVMBTSND) -- C:\WINDOWS\system32\drivers\avmbtsnd.sys (AVM GmbH)
DRV - (NETBFPAN) -- C:\WINDOWS\system32\drivers\netbfpan.sys (AVM Berlin)
DRV - (BFHU_CFG) -- C:\WINDOWS\system32\drivers\bfhu_cfg.sys (AVM Berlin)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (AmdTools) -- C:\WINDOWS\system32\drivers\AmdTools.sys (AMD, Inc.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (NETFRITZ) -- C:\WINDOWS\system32\drivers\NETFRITZ.SYS (AVM Berlin)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\WINDOWS\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\WINDOWS\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (AVMPORT) -- C:\WINDOWS\System32\drivers\avmport.sys (AVM Berlin)
DRV - (SLEE_503_DRIVER) Steganos Live Encryption Engine (Version 503) -- C:\WINDOWS\system32\drivers\slee503.sys ()
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2010.03.28 13:19:56 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\amd_dc_opt\amd_dc_opt.exe ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMBlueClient] C:\Programme\avmclient\bluefritz.exe (AVM Berlin)
O4 - HKLM..\Run: [AVMBLUEOBEX] C:\Programme\avmclient\AvmObex.exe (AVM Berlin)
O4 - HKLM..\Run: [Bluetooth Connection Assistant] File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [EvtMgr6] D:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe (HP)
O4 - HKLM..\Run: [HPHUPD06] D:\Programme\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [RivaTuner] D:\Programme\RivaTuner v2.24\RivaTuner.exe ()
O4 - HKLM..\Run: [TkBellExe] File not found
O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\tweakui.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [WinampAgent] d:\Programme\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [PicPick Start] D:\Programme\PicPick\picpick.exe ()
O4 - HKCU..\Run: [RocketDock] D:\Programme\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [UberIcon] D:\Programme\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = D:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk = D:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ISDNWatch.lnk = D:\Programme\FRITZ!\IWatch.exe (AVM Berlin)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\FRITZ!web.lnk = D:\Programme\FRITZ!\FriWeb32.exe (AVM Berlin)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk = C:\Programme\Gemeinsame Dateien\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Miranda IM.lnk = D:\Programme\Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\RocketDock.lnk = D:\Programme\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\TransBar.lnk = D:\Programme\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\UberIcon.lnk = D:\Programme\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Winamp.lnk = D:\Programme\Winamp\winamp.exe (Nullsoft)
O4 - Startup: C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Y'z Shadow.lnk = D:\Programme\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - D:\Programme\Xilisoft\YouTube Video Converter\upod_link.HTM ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: F:\Eigene Dateien\#Karriere\#Model\Pics\Friends\Misc\w\2010-03-19 08 22 53.jpg
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\TomTom\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.29 17:28:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.06.24 16:18:01 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{51fd58a4-534f-11dd-a194-0013d430bd2d}\Shell\AutoRun\command - "" = B:\RECYCLER\S-1-5-21-2214276341-3544434524-6043330-4321\update.exe -- File not found
O33 - MountPoints2\{51fd58a4-534f-11dd-a194-0013d430bd2d}\Shell\explore\Command - "" = B:\RECYCLER\S-1-5-21-2214276341-3544434524-6043330-4321\update.exe -- File not found
O33 - MountPoints2\{51fd58a4-534f-11dd-a194-0013d430bd2d}\Shell\open\command - "" = B:\RECYCLER\S-1-5-21-2214276341-3544434524-6043330-4321\update.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup - Reg Error: Value error.
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {D5EA9528-8E86-D020-900F-7C324317EB36} - NetShow
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.divxa32 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - d:\Programme\ACE Mega CoDecS Pack\SystemS\Intel\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - d:\Programme\ACE Mega CoDecS Pack\SystemS\lameacm.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.ap41 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dv25 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.mmes - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mpg3 - d:\Programme\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.msmc - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx1 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - D:\Programme\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.xvid - d:\Programme\ACE Mega CoDecS Pack\SystemS\XviD\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
========== Files/Folders - Created Within 30 Days ==========
[2010.08.23 15:33:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\TomTom\Recent
[2010.08.23 15:03:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Malwarebytes
[2010.08.23 15:02:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.23 15:02:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.23 15:02:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.19 23:39:57 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010.08.19 23:39:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010.08.19 23:36:55 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2010.08.19 23:36:44 | 000,010,448 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys
[2010.08.19 23:36:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\LogiShrd
[2010.08.19 23:36:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Logishrd
[2010.08.19 23:35:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\LogiShrd
[2010.08.19 23:35:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Logishrd
[2010.08.19 23:08:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
[2010.08.19 23:08:46 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.08.19 23:08:23 | 013,549,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.08.19 23:08:23 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.08.19 23:08:21 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.08.19 23:08:21 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.08.19 23:08:21 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.08.19 23:08:21 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.08.19 23:08:21 | 001,388,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.08.19 23:08:21 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.08.19 23:08:21 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.08.19 14:22:36 | 000,000,000 | ---D | C] -- F:\Eigene Dateien\Square Enix
[2010.08.19 14:20:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Lokale Einstellungen\Anwendungsdaten\119615131253941492
[2010.08.19 14:20:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Lokale Einstellungen\Anwendungsdaten\119611918618404084
[2010.08.19 14:19:17 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL
[2010.08.19 14:19:11 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.08.19 14:19:11 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.08.19 14:19:11 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.08.19 14:19:11 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.08.19 14:19:10 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.08.19 14:19:10 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.08.19 14:19:10 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.08.19 14:19:10 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.08.19 14:19:10 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.08.17 16:46:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Desktop\Trigger
[2010.08.02 19:29:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\TomTom\Desktop\petra
[2010.07.29 21:37:28 | 000,000,000 | ---D | C] -- C:\.ScratchLIVEBackup
[2010.07.26 18:29:37 | 000,000,000 | ---D | C] -- C:\Programme\FreePDF_XP
[2010.07.26 18:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2006.08.11 15:56:28 | 000,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.23 18:31:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.23 18:31:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.23 18:30:09 | 014,155,776 | -H-- | M] () -- C:\Dokumente und Einstellungen\TomTom\NTUSER.DAT
[2010.08.23 18:30:09 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000006-00001102-00000004-20021102}.rfx
[2010.08.23 18:30:09 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000006-00001102-00000004-20021102}.rfx
[2010.08.23 18:30:09 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000006-00001102-00000004-20021102}.rfx
[2010.08.23 18:30:09 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000006-00001102-00000004-20021102}.rfx
[2010.08.23 18:30:09 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000006-00001102-00000004-20021102}.rfx
[2010.08.23 18:30:09 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.08.23 18:30:09 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010.08.23 18:29:53 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2010.08.23 18:29:48 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000006-00001102-00000004-20021102}.CDF
[2010.08.23 18:29:48 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000006-00001102-00000004-20021102}.BAK
[2010.08.23 17:43:02 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily FY04.job
[2010.08.23 15:24:33 | 000,002,319 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\HiJackThis.lnk
[2010.08.23 15:04:11 | 000,000,564 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\CCleaner.lnk
[2010.08.23 15:02:48 | 000,000,558 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.23 13:47:42 | 000,000,521 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\Verknüpfung mit Mausbeschleunigung.lnk
[2010.08.22 16:48:39 | 001,052,434 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.22 16:48:39 | 000,452,418 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.08.22 16:48:39 | 000,435,760 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.22 16:48:39 | 000,081,482 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.08.22 16:48:39 | 000,068,404 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.22 12:44:02 | 000,000,967 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk
[2010.08.21 19:16:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.20 18:06:31 | 000,232,984 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.08.20 18:06:31 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.08.20 18:04:20 | 000,232,984 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.08.20 17:52:40 | 000,000,327 | ---- | M] () -- C:\WINDOWS\RefreshLock.ini
[2010.08.20 12:15:47 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2010.08.19 23:09:32 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\TomTom\ntuser.ini
[2010.08.19 23:08:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.08.19 14:19:55 | 000,000,606 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\Verknüpfung mit kl2.exe.lnk
[2010.08.19 14:19:17 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.08.19 14:19:17 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.08.17 22:04:02 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.17 22:03:49 | 000,090,624 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.16 19:44:07 | 012,911,271 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\DSC05847pre.psd
[2010.08.16 19:42:52 | 012,911,265 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\DSC05847.psd
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.23 16:01:19 | 004,958,588 | ---- | C] () -- C:\WINDOWS\{00000005-00000000-00000006-00001102-00000004-20021102}.BAK
[2010.08.23 15:21:47 | 000,002,319 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\HiJackThis.lnk
[2010.08.23 15:04:11 | 000,000,564 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\CCleaner.lnk
[2010.08.23 15:02:48 | 000,000,558 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.23 14:44:20 | 000,771,584 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\ebook_v1.ppt
[2010.08.23 13:47:42 | 000,000,521 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\Verknüpfung mit Mausbeschleunigung.lnk
[2010.08.22 18:26:43 | 000,063,095 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\bookmarks.bak
[2010.08.22 18:20:53 | 000,063,095 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\bookmarks.html
[2010.08.20 17:52:13 | 000,000,327 | ---- | C] () -- C:\WINDOWS\RefreshLock.ini
[2010.08.19 23:37:20 | 000,000,967 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk
[2010.08.19 23:08:49 | 000,232,984 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.08.19 23:08:48 | 000,232,984 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.08.19 23:08:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.08.19 23:08:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.08.19 23:08:23 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.08.19 23:08:21 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.08.19 16:01:42 | 000,046,080 | R--- | C] () -- C:\WINDOWS\System\csrss.exe
[2010.08.19 14:19:55 | 000,000,606 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\Verknüpfung mit kl2.exe.lnk
[2010.08.16 19:43:05 | 012,911,271 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\DSC05847pre.psd
[2010.08.15 20:18:47 | 012,911,265 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Desktop\DSC05847.psd
[2010.07.26 18:29:37 | 000,119,152 | ---- | C] () -- C:\WINDOWS\System32\redmon.hlp
[2010.07.26 18:29:37 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.07.26 18:29:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2009.04.14 15:48:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2009.03.08 20:05:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\winpeshl.ini
[2009.03.05 16:32:09 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2009.03.04 15:51:13 | 000,000,737 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2009.02.11 03:22:51 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2009.02.11 03:18:20 | 000,000,028 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\ClipExtractor-UpdatePerformed.txt
[2009.02.10 20:40:08 | 001,427,392 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009.02.10 15:12:24 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.12.16 00:11:36 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\hpgt33.dll
[2008.10.28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.05 15:14:35 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.10.05 15:14:35 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.10.05 15:14:35 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.10.05 15:14:35 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.10.05 15:14:35 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.03.22 11:17:45 | 000,000,508 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.02.04 19:31:04 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.02.04 19:31:04 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.02.04 19:31:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.02.04 19:31:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.02.04 19:31:04 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.02.04 19:31:04 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.02.04 19:30:53 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2008.01.06 20:34:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007.12.23 22:20:22 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.12.23 22:20:22 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\PnkBstrK.sys
[2007.12.23 22:19:47 | 000,000,308 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.12.01 13:17:02 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007.12.01 13:10:12 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007.12.01 13:10:12 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2007.12.01 13:10:11 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007.12.01 13:05:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.12.01 13:05:12 | 000,090,624 | ---- | C] () -- C:\Dokumente und Einstellungen\TomTom\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 18:35:52 | 000,000,370 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2007.11.29 18:27:09 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007.11.29 18:27:09 | 000,024,576 | ---- | C] () -- C:\WINDOWS\CTXFIGER.DLL
[2007.11.29 18:27:09 | 000,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007.06.19 09:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 08:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 15:57:18 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2006.05.23 13:40:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005.06.16 19:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.28 12:10:02 | 000,084,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\slee503.sys
[2002.07.16 15:43:59 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hookmod.dll
========== LOP Check ==========
[2010.07.26 18:29:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2008.09.22 11:42:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2008.10.05 15:14:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Minnetonka Audio Software
[2010.03.17 20:47:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\System Restore
[2010.07.12 19:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2009.02.10 15:12:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\DAEMON Tools
[2010.03.17 20:45:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\FireShot
[2009.11.09 14:51:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\fotofunXXL Software
[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\FRITZ!
[2008.02.04 19:31:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\InterVideo
[2009.02.11 23:31:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Leadertech
[2008.10.04 19:22:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Opera
[2010.07.12 19:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Ubisoft
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.02.10 15:17:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Ubisoft
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.05.17 13:26:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Adobe
[2007.12.12 18:30:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\AdobeUM
[2008.03.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Apple Computer
[2007.11.29 18:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Creative
[2009.02.10 15:12:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\DAEMON Tools
[2009.11.01 20:42:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\DivX
[2008.06.12 13:28:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\dvdcss
[2010.03.17 20:45:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\FireShot
[2009.11.09 14:51:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\fotofunXXL Software
[2008.09.24 16:07:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\FRITZ!
[2010.03.11 00:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Hamachi
[2007.11.29 17:31:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Identities
[2008.02.04 19:31:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\InterVideo
[2009.02.11 23:31:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Leadertech
[2010.08.19 23:35:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Logishrd
[2010.08.19 23:35:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Logitech
[2007.11.30 20:22:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Macromedia
[2010.08.23 15:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Malwarebytes
[2010.03.09 12:59:21 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft
[2009.02.16 15:37:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\MSN6
[2008.10.04 19:22:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Opera
[2007.12.16 18:18:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Real
[2008.02.01 20:53:48 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\SecuROM
[2009.02.10 23:54:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Sun
[2010.06.28 18:22:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3
[2010.07.12 19:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Ubisoft
[2007.12.08 14:33:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\vlc
[2007.12.16 18:39:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\WinRAR
< %APPDATA%\*.exe /s >
[2008.03.02 13:55:32 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{3BDFCF84-67A3-4C52-A708-FDD4135CF64C}\NewShortcut1_7771B2A712EF4ED6B9E64A04820E098E.exe
[2008.03.02 13:55:32 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{3BDFCF84-67A3-4C52-A708-FDD4135CF64C}\NewShortcut7_7771B2A712EF4ED6B9E64A04820E098E.exe
[2010.08.19 23:37:20 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2007.11.30 18:42:06 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe
[2010.08.23 15:21:47 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2007.11.29 18:42:58 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\Microsoft\Installer\{CE9DB414-A6E8-46D8-83CF-A3F6945D23E5}\ARPPRODUCTICON.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\22437007E990EAFA\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\22437007E990EAFA\Launchpad Removal.exe
[2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\22437007E990EAFA\LaunchPad.exe
[2007.10.23 09:44:48 | 000,054,584 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\22437007E990EAFA\U3AccessGrant.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\TomTom\Anwendungsdaten\U3\temp\Launchpad Removal.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.08.29 03:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 01:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008.04.14 08:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 01:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: NVATABUS.SYS >
[2005.03.14 19:05:08 | 000,091,776 | ---- | M] (NVIDIA Corporation) MD5=52CAB126C3ED5B851FB80EBA0BEA5C4E -- C:\WINDOWS\OemDir\nvatabus.sys
[2005.03.14 19:05:08 | 000,091,776 | ---- | M] (NVIDIA Corporation) MD5=52CAB126C3ED5B851FB80EBA0BEA5C4E -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\nvatabus.sys
[2004.11.04 05:58:20 | 000,086,144 | ---- | M] (NVIDIA Corporation) MD5=C8DAA008F9E390B9DA504C1CD0DA1EE9 -- C:\WINDOWS\system32\drivers\nvatabus.sys
[2004.11.04 05:58:20 | 000,086,144 | ---- | M] (NVIDIA Corporation) MD5=C8DAA008F9E390B9DA504C1CD0DA1EE9 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\nvatabus.sys
[2004.11.04 05:58:20 | 000,086,144 | ---- | M] (NVIDIA Corporation) MD5=C8DAA008F9E390B9DA504C1CD0DA1EE9 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\nvatabus.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 08:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 01:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 01:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 08:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 08:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 01:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 01:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2001.08.18 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.02.10 15:12:24 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2007.11.29 18:19:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.11.29 18:19:43 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.11.29 18:19:43 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Extras: Code:
OTL Extras logfile created on: 23.08.2010 18:33:21 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = D:\Backup 2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 565,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 6,83 Gb Total Space | 0,60 Gb Free Space | 8,83% Space Free | Partition Type: NTFS
Drive D: | 131,65 Gb Total Space | 9,74 Gb Free Space | 7,40% Space Free | Partition Type: NTFS
Drive E: | 76,32 Gb Total Space | 12,14 Gb Free Space | 15,90% Space Free | Partition Type: NTFS
Drive F: | 279,47 Gb Total Space | 6,54 Gb Free Space | 2,34% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CYVER
Current User Name: TomTom
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "d:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "d:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "d:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\Miranda IM\miranda32.exe" = D:\Programme\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\Spiele\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = D:\Spiele\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) -- File not found
"D:\Spiele\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = D:\Spiele\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) -- File not found
"D:\Spiele\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe" = D:\Spiele\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne -- (Electronic Arts Inc.)
"D:\Spiele\Blobby Volley\volley.exe" = D:\Spiele\Blobby Volley\volley.exe:*:Enabled:volley -- ()
"D:\Programme\InterVideo\DVD6\WinDVD.exe" = D:\Programme\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"D:\Spiele\Valve\Condition Zero\czero.exe" = D:\Spiele\Valve\Condition Zero\czero.exe:*:Enabled:Condition Zero Launcher -- (Valve)
"D:\Spiele\Activision\Call of Duty 2\CoD2MP_s.exe" = D:\Spiele\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"D:\Spiele\Call of Duty\CoDMP.exe" = D:\Spiele\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- ()
"D:\Programme\iTunes\iTunes.exe" = D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Spiele\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = D:\Spiele\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"D:\Spiele\Ubisoft\Far Cry 2\bin\FarCry2.exe" = D:\Spiele\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment)
"D:\Spiele\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = D:\Spiele\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft)
"D:\Spiele\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = D:\Spiele\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment)
"D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe" = D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe" = D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe" = D:\Spiele\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"D:\Spiele\EA GAMES\Battlefield 2\BF2.exe" = D:\Spiele\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AEF2F6C-F1D3-47CD-BF3B-A327F1FABE58}" = PSPrinters06
"{3BDFCF84-67A3-4C52-A708-FDD4135CF64C}" = Scratch LIVE 1.8 (18048)
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3DE0053C-FD9A-483E-B7C9-B06E4392206E}" = iTunes
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1" = grafstat4
"{592ED299-14EF-4C0F-92B4-B627CD5A2EBE}_is1" = fotofunXXL 3.60
"{62A5F5BC-CDAC-4F44-A2A9-C30A1BCBCA6B}" = CIB pdf Plug-in 1.3.25
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}" = InterVideo WinDVD 6
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}" = AMD Dual-Core Optimizer
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{926B245F-201A-45D8-B4CE-B5A114F23381}" = Steganos Security Suite 6.0
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}" = Photosmart 320,370,7400,8100,8400 Series (deu)
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AC86ECA1-FA14-11D1-B4F6-00609781F44C}" = Der Brockhaus multimedial
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73B4A99-4173-4747-BBEC-0F05E966F9D2}" = Battlefield 1942: Secret Weapons of WWII
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CE9DB414-A6E8-46D8-83CF-A3F6945D23E5}" = SetPointPatch
"{CEF294F4-6A80-463E-8F68-E4D3A80147A4}" = PS8400
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Applian FLV Player2.0.24" = Applian FLV Player
"Audacity_is1" = Audacity 1.2.6
"Audio Conversion Wizard_is1" = Audio Conversion Wizard 1.68.1
"AudioConSole" = Creative-Audiokonsole
"AVM ISDN CAPI Port" = AVM ISDN CAPI Port
"AVMBLUECLI" = AVM BlueFRITZ! USB
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DATA BECKER Visitenkarten Druckerei 2002" = DATA BECKER Visitenkarten Druckerei 2002
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVDx 2.2_is1" = DVDx 2.2
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FreePDF_XP" = FreePDF (Remove only)
"FRITZ! 2.0" = AVM FRITZ!
"Hamachi" = Hamachi 1.0.1.5
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IPIX ActiveX Viewer" = IPIX ActiveX Viewer
"IPIX Netscape Plugin Viewer" = IPIX Netscape Plugin Viewer
"IPIX Viewer" = IPIX Viewer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Miranda IM" = Miranda IM 0.8.27
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"PicPick" = PicPick
"RealPlayer 6.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SP6" = Logitech SetPoint 6.15
"UT2003" = Unreal Tournament 2003
"VLC media player" = VideoLAN VLC media player 0.8.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Optimizer 2.2_is1" = Windows XP Optimizer 2.2
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Xilisoft YouTube Video Converter" = Xilisoft YouTube Video Converter
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.04.2010 14:11:40 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 05.05.2010 16:18:41 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 15.05.2010 08:58:41 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 15.05.2010 09:20:11 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 15.05.2010 09:20:22 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
Error - 15.05.2010 09:52:22 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
Error - 15.05.2010 09:52:38 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 29.05.2010 10:01:15 | Computer Name = CYVER | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 12.07.2010 12:21:25 | Computer Name = CYVER | Source = MsiInstaller | ID = 11327
Description = Produkt: NVIDIA PhysX -- Fehler 1327. Ungültiges Laufwerk: F:\
Error - 27.07.2010 11:29:56 | Computer Name = CYVER | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office Professional Edition 2003 -- Fehler 1706.
Setup kann die benötigten Dateien nicht finden. Überprüfen Sie Ihre Verbindung
mit dem Netzwerk oder dem CD-ROM-Laufwerk. Weitere mögliche Lösungen für dieses
Problem erhalten Sie unter D:\Programme\Microsoft Office\OFFICE11\1031\SETUP.CHM.
[ System Events ]
Error - 23.08.2010 07:43:22 | Computer Name = CYVER | Source = BTHUSB | ID = 327696
Description = Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Funkgerät
und einem Gerät mit der Bluetooth-Funkgerätadresse (00:07:61:7f:b7:fb) ist fehlgeschlagen.
Error - 23.08.2010 10:03:44 | Computer Name = CYVER | Source = ParVdm | ID = 458754
Description = Zeiger für Geräteobjekt lässt sich nicht für Anschlussobjekt ermitteln.
Error - 23.08.2010 10:30:30 | Computer Name = CYVER | Source = NetBT | ID = 4307
Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen
der Anfangsadressen verweigerte.
Error - 23.08.2010 10:30:35 | Computer Name = CYVER | Source = ParVdm | ID = 458754
Description = Zeiger für Geräteobjekt lässt sich nicht für Anschlussobjekt ermitteln.
Error - 23.08.2010 10:32:38 | Computer Name = CYVER | Source = NetBT | ID = 4307
Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen
der Anfangsadressen verweigerte.
Error - 23.08.2010 10:32:43 | Computer Name = CYVER | Source = ParVdm | ID = 458754
Description = Zeiger für Geräteobjekt lässt sich nicht für Anschlussobjekt ermitteln.
Error - 23.08.2010 12:31:30 | Computer Name = CYVER | Source = NetBT | ID = 4307
Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen
der Anfangsadressen verweigerte.
Error - 23.08.2010 12:31:35 | Computer Name = CYVER | Source = ParVdm | ID = 458754
Description = Zeiger für Geräteobjekt lässt sich nicht für Anschlussobjekt ermitteln.
Error - 23.08.2010 12:33:31 | Computer Name = CYVER | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
Error - 23.08.2010 12:33:31 | Computer Name = CYVER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
beendet: %%2
< End of report > Hilfeee :crazy: |