FREEEAAAK | 07.10.2010 15:33 | Also hier sind meine Scan daten
OTL:OTL Logfile: Code:
OTL logfile created on: 07.10.2010 16:24:16 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = G:\AAAA_Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 116,44 Gb Total Space | 85,06 Gb Free Space | 73,05% Space Free | Partition Type: NTFS
Drive D: | 58,22 Gb Total Space | 53,79 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
Drive E: | 58,22 Gb Total Space | 54,97 Gb Free Space | 94,43% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 64,30 Gb Free Space | 27,61% Space Free | Partition Type: NTFS
Drive H: | 116,50 Gb Total Space | 48,97 Gb Free Space | 42,03% Space Free | Partition Type: NTFS
Drive I: | 116,39 Gb Total Space | 20,72 Gb Free Space | 17,80% Space Free | Partition Type: NTFS
Computer Name: APEVIA
Current User Name: Christoph
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - G:\AAAA_Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH)
PRC - C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
PRC - C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
PRC - C:\Programme\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
PRC - C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Analog Devices\SoundMAX\SMax4.exe (Analog Devices, Inc.)
PRC - C:\Programme\Vista Rainbar\Rainmeter.exe ()
PRC - C:\WINDOWS\system32\PAStiSvc.exe ()
PRC - C:\WINDOWS\system32\control.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - G:\AAAA_Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Fraps\fraps32.dll (Beepa P/L)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_062a651.dll ()
SRV - (cFosSpeedS) -- C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (DfSdkS) -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe (mst software GmbH, Germany)
SRV - (UpdateCenterService) -- C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (RoxLiveShare9) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxWatch9) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (RoxMediaDB9) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Norton Ghost) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (SymSnapService) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (STI Simulator) -- C:\WINDOWS\system32\PAStiSvc.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (Video3D) -- C:\WINDOWS\System32\Drivers\Video3D32.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (cFosSpeed) -- C:\WINDOWS\system32\drivers\cfosspeed.sys (cFos Software GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (nvoclock) -- C:\WINDOWS\system32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (WimFltr) -- C:\WINDOWS\system32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (v2imount) -- C:\WINDOWS\system32\drivers\v2imount.sys (Symantec Corporation)
DRV - (VProEventMonitor) -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys (Symantec Corporation)
DRV - (symsnap) -- C:\WINDOWS\system32\DRIVERS\symsnap.sys (StorageCraft)
DRV - (asusgsb) -- C:\WINDOWS\system32\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (EIO) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (ADIDTSFiltService) -- C:\WINDOWS\system32\drivers\adidts.sys (Analog Devices, Inc.)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (imagesrv) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.sys ()
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-839522115-747465256-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1644491937-839522115-747465256-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-839522115-747465256-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.10.01 18:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.09.24 18:30:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010.01.23 16:52:24 | 000,000,000 | ---D | M]
[2010.01.23 14:21:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Extensions
[2010.10.06 21:51:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions
[2010.07.27 14:43:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.03 12:02:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010.06.03 12:02:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions\cfxegreen@Bocan
[2010.06.30 12:54:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions\firebug@software.joehewitt.com
[2010.06.03 12:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\extensions\nasanightlaunch@example.com
[2010.01.23 21:07:27 | 000,002,791 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla\Firefox\Profiles\vf4blq8c.default\searchplugins\world-of-warcraft-arsenal.xml
[2010.10.06 21:51:32 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.13 19:29:44 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.01.23 16:52:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.09.24 18:30:04 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.24 18:30:04 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.24 18:30:04 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.24 18:30:04 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.24 18:30:04 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.10 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1644491937-839522115-747465256-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [cFosSpeed] C:\Programme\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-21-1644491937-839522115-747465256-1003..\Run: [AlcoholAutomount] C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1644491937-839522115-747465256-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1644491937-839522115-747465256-1003..\Run: [Fraps] C:\Fraps\fraps.exe (Beepa P/L)
O4 - HKU\S-1-5-21-1644491937-839522115-747465256-1003..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-1644491937-839522115-747465256-1003..\Run: [Vista Rainbar] C:\Programme\Vista Rainbar\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-839522115-747465256-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {173D9E48-B527-4AA0-A929-30B446002AA8} hxxp://universum-77.dyndns.org:800/DVRemoteAx.cab (DVRemoteControl Class)
O16 - DPF: {369383F8-C8B7-42E1-819E-D47E3ABAD4BC} hxxp://10.0.0.18:8080/cgi-bin/QNAPG726.cab (G726 BE/LE Audio Decoder)
O16 - DPF: {4DA8C6E4-312A-4A8F-B02B-491B2BF09CF2} hxxp://10.0.0.18:8080/cgi-bin/QNAPQ264.cab (H264 Based Transform Filter)
O16 - DPF: {603E0052-7B06-496B-A04B-192419174876} hxxp://10.0.0.18:8080/cgi-bin/QNAPQIVG.cab (MJPG Based Transform Filter)
O16 - DPF: {937FE81C-FECF-4A55-9754-49D6D6550EDC} hxxp://10.0.0.18:8080/cgi-bin/NNVRVMon.cab (NAS NVR(V) Monitor)
O16 - DPF: {B824D61F-DAF3-40BF-BA5E-430D250FF51C} hxxp://10.0.0.18:8080/cgi-bin/QNAPQMP4.cab (QMPEG4 Based Transform Filter)
O16 - DPF: {F5F2CE2F-C516-4428-8758-7178B1E1ABAB} hxxp://10.0.0.18:8080/cgi-bin/QNAPQVivoTek.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2019.09.14 18:32:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 14:11:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.12.05 19:29:02 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5bc08744-6f88-11dd-8550-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5bc08744-6f88-11dd-8550-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5bc08744-6f88-11dd-8550-806d6172696f}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "Adobe LM Service"
MsConfig - Services: "Bonjour Service"
MsConfig - Services: "HPSLPSVC"
MsConfig - Services: "hpqddsvc"
MsConfig - Services: "hpqcxs08"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Desktop Manager.lnk - C:\PROGRA~1\RESEAR~1\BLACKB~1\DESKTO~1.EXE - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Acrobat Assistant 7.0 - hkey= - key= - C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: GameFace Messenger - hkey= - key= - C:\Programme\GameFace Messenger\GameFace.exe File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Norton Ghost 14.0 - hkey= - key= - C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {023A37CA-40DF-1AC3-F9D6-FED4687C0603} - NetShow
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {242234B4-98FE-EFC2-3997-1C143170B0ED} - Browseranpassungen
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {85CA627E-4AFB-A09E-4A24-B08541E1D49F} - DirectAnimation
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A5CF3FD-4ED3-1624-1016-BE96C09A95CA} - Microsoft Windows Media Player
ActiveX: {AA9FA898-A5F0-6E98-E29D-9D1523F4358B} - NetShow
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EB278E48-ADD4-3272-CA4F-332A3FF9A3D9} - NetShow
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)
========== Files/Folders - Created Within 30 Days ==========
[2019.09.14 19:07:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared
[2019.09.14 19:06:08 | 000,000,000 | ---D | C] -- C:\Programme\Autodesk
[2019.09.14 19:06:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\Autodesk
[2019.09.14 19:04:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Autodesk Shared
[2019.09.14 19:01:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2019.09.14 19:01:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2019.09.14 19:01:03 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2019.09.14 19:00:36 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2019.09.14 19:00:36 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2019.09.14 19:00:36 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2019.09.14 19:00:36 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2019.09.14 19:00:36 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2019.09.14 19:00:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2019.09.14 19:00:35 | 000,000,000 | ---D | C] -- C:\5aeb9db06915bc7efb749c
[2019.09.14 18:38:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Autodesk
[2019.09.14 18:38:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2019.09.14 18:32:27 | 000,000,000 | ---D | C] -- C:\Autodesk
[2015.01.23 17:54:38 | 000,000,000 | ---D | C] -- C:\Programme\Alcohol Soft
[2010.10.06 17:19:11 | 001,700,864 | ---- | C] (Kai Pautsch) -- C:\Dokumente und Einstellungen\Christoph\Desktop\Wuerfel_v2-0_x86.exe
[2010.10.05 21:26:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.10.05 21:25:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\NVIDIA Corporation
[2010.10.05 20:55:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Research In Motion
[2010.10.05 20:03:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Desktop\Soziale Netzwerke
[2010.10.03 12:33:11 | 000,944,856 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010.10.03 12:33:11 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010.10.03 12:33:11 | 000,000,000 | ---D | C] -- C:\Programme\cFosSpeed
[2010.10.03 12:14:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Meine Scans
[2010.09.29 19:08:21 | 000,000,000 | ---D | C] -- C:\Programme\QNAP
[2010.09.24 18:29:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\BlackBerry
[2010.09.14 19:19:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet
[2010.09.14 17:16:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Akamai
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2019.09.14 19:07:21 | 000,001,782 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AutoCAD 2011 - Deutsch.lnk
[2019.09.14 19:03:03 | 001,100,816 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2019.09.14 19:03:03 | 000,487,054 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2019.09.14 19:03:03 | 000,465,010 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2019.09.14 19:03:03 | 000,096,802 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2019.09.14 19:03:03 | 000,081,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015.01.23 17:52:09 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2015.01.23 17:51:55 | 000,716,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.10.06 22:16:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.06 17:32:36 | 004,194,304 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\ntuser.dat
[2010.10.06 15:59:21 | 000,039,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.05 21:47:32 | 000,233,884 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.10.05 21:47:32 | 000,233,884 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.10.05 21:47:32 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.10.05 21:39:11 | 000,000,114 | ---- | M] () -- C:\WINDOWS\System32\nvUnsupRes.dat
[2010.10.05 21:12:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.05 21:12:42 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.05 21:10:46 | 000,176,132 | ---- | M] () -- C:\WINDOWS\System32\nvdb02.adghz
[2010.10.05 21:04:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.05 19:40:05 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.05 19:39:59 | 000,000,316 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.10.05 18:25:32 | 000,043,163 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\45651_146765595345440_100000360003812_309849_6367129_n.jpg
[2010.10.04 19:01:17 | 000,000,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\default.pls
[2010.10.03 17:52:42 | 000,241,830 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_06.bmp
[2010.10.03 16:47:46 | 001,168,794 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\ritter.bmp
[2010.10.03 15:47:06 | 003,932,214 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\WTF.bmp
[2010.10.03 12:34:24 | 000,000,686 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\cFos Traffic Shaping.lnk
[2010.10.03 12:33:15 | 000,001,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\cFosSpeed Features.lnk
[2010.10.03 12:11:53 | 000,001,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\Dienste.lnk
[2010.10.03 10:30:43 | 000,000,186 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\USB.lnk
[2010.09.30 19:56:22 | 000,000,861 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.30 19:49:16 | 000,694,074 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_05.bmp
[2010.09.30 19:31:01 | 001,581,882 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_04.bmp
[2010.09.30 19:18:47 | 001,072,854 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_03.bmp
[2010.09.30 18:47:05 | 000,304,186 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_02.bmp
[2010.09.30 18:46:47 | 000,304,160 | ---- | M] () -- C:\StiImg.dat
[2010.09.30 18:32:05 | 000,304,186 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_01.bmp
[2010.09.30 16:22:58 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.09.25 19:27:52 | 001,700,864 | ---- | M] (Kai Pautsch) -- C:\Dokumente und Einstellungen\Christoph\Desktop\Wuerfel_v2-0_x86.exe
[2010.09.24 18:18:33 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010.09.22 16:34:12 | 000,944,856 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010.09.22 16:34:08 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010.09.18 22:42:41 | 000,000,739 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\Filme.lnk
[2010.09.14 19:35:26 | 000,000,206 | -H-- | M] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Zeichnung1.dwl2
[2010.09.14 19:35:26 | 000,000,056 | -H-- | M] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Zeichnung1.dwl
[2010.09.14 19:16:50 | 000,121,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.14 19:16:12 | 000,412,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.14 17:08:03 | 000,001,503 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\DivX Movies.lnk
[2010.09.14 17:07:53 | 000,000,778 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk
[2010.09.10 22:20:42 | 000,179,698 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\ts3_clientui-win32-11937-2010-09-10 22_20_41.031250.dmp
[2010.09.09 16:23:57 | 000,026,624 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Endoskopie Zanhräder.doc
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2019.09.14 19:07:21 | 000,001,782 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AutoCAD 2011 - Deutsch.lnk
[2015.01.23 17:51:55 | 000,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.10.05 21:38:16 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\nvUnsupRes.dat
[2010.10.05 18:25:31 | 000,043,163 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\45651_146765595345440_100000360003812_309849_6367129_n.jpg
[2010.10.03 17:52:42 | 000,241,830 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_06.bmp
[2010.10.03 16:47:46 | 001,168,794 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\ritter.bmp
[2010.10.03 15:47:06 | 003,932,214 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\WTF.bmp
[2010.10.03 12:34:24 | 000,000,686 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\cFos Traffic Shaping.lnk
[2010.10.03 12:33:15 | 000,001,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\cFosSpeed Features.lnk
[2010.10.03 12:11:53 | 000,001,607 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\Dienste.lnk
[2010.10.03 10:30:17 | 000,000,186 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\USB.lnk
[2010.09.30 19:49:16 | 000,694,074 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_05.bmp
[2010.09.30 19:31:00 | 001,581,882 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_04.bmp
[2010.09.30 19:18:47 | 001,072,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_03.bmp
[2010.09.30 18:47:05 | 000,304,186 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_02.bmp
[2010.09.30 18:32:05 | 000,304,186 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\olol_01.bmp
[2010.09.30 18:31:28 | 000,304,160 | ---- | C] () -- C:\StiImg.dat
[2010.09.24 18:29:20 | 000,000,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Rim.Desktop.Exception.log
[2010.09.24 18:23:01 | 000,000,755 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Rim.Desktop.HttpServerSetup.log
[2010.09.18 22:42:41 | 000,000,739 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Desktop\Filme.lnk
[2010.09.17 15:59:39 | 001,321,600 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.14 19:35:26 | 000,000,206 | -H-- | C] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Zeichnung1.dwl2
[2010.09.14 19:35:26 | 000,000,056 | -H-- | C] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Zeichnung1.dwl
[2010.09.10 22:20:41 | 000,179,698 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\ts3_clientui-win32-11937-2010-09-10 22_20_41.031250.dmp
[2010.09.09 16:23:57 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Eigene Dateien\Endoskopie Zanhräder.doc
[2010.07.22 18:27:02 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.07.22 18:27:02 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.07.22 18:27:02 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.05.16 12:22:42 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010.01.31 16:11:22 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.01.31 16:10:59 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.01.23 18:32:03 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.23 18:11:50 | 000,000,316 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.01.23 14:49:08 | 000,000,236 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\dx.reg
[2010.01.23 14:49:07 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2010.01.23 14:49:07 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll
[2010.01.23 14:49:07 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll
[2010.01.23 14:49:07 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll
[2008.08.22 22:14:44 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.22 11:22:21 | 000,000,142 | ---- | C] () -- C:\Dokumente und Einstellungen\Christoph\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.08.22 08:45:45 | 000,001,995 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2008.08.21 14:30:12 | 000,000,400 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2008.08.21 14:30:11 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2008.08.21 14:29:51 | 000,026,124 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.08.21 14:29:51 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008.08.21 14:29:41 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.06.28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.12.30 20:18:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005.12.30 20:10:30 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.24 13:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005.01.25 16:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2004.08.10 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(3).dll
[2004.08.10 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
========== LOP Check ==========
[2010.09.14 19:24:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2010.10.05 20:55:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Research In Motion
[2010.01.29 14:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.05.15 16:37:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.01.23 18:22:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010.01.23 14:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.07.19 10:36:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Acreon
[2010.09.14 20:18:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Autodesk
[2010.01.23 20:33:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\DVRemote
[2010.05.16 10:45:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\GetRightToGo
[2010.09.24 18:29:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Research In Motion
[2010.10.01 20:08:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\TS3Client
[2010.01.29 14:09:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Ubisoft
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.01.31 17:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Microsoft
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.07.19 10:36:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Acreon
[2010.01.23 16:56:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Adobe
[2010.07.01 18:15:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\AdobeUM
[2010.06.01 18:07:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Ahead
[2010.01.23 18:23:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Apple Computer
[2010.09.14 20:18:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Autodesk
[2010.08.16 21:37:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\DivX
[2010.07.02 18:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\dvdcss
[2010.01.23 20:33:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\DVRemote
[2010.05.16 10:45:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\GetRightToGo
[2010.05.29 18:38:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Help
[2008.08.22 08:56:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\HP
[2010.05.15 16:46:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\HPAppData
[2008.08.21 14:15:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Identities
[2010.01.24 11:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\InstallShield
[2008.08.22 09:02:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Macromedia
[2010.10.02 21:01:41 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Microsoft
[2010.01.23 14:21:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Mozilla
[2010.08.07 16:57:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\NVIDIA
[2010.09.24 18:29:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Research In Motion
[2010.07.03 17:40:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Roxio
[2010.10.07 16:23:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Skype
[2010.10.07 16:20:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\skypePM
[2008.08.22 22:13:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Symantec
[2010.10.01 20:08:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\TS3Client
[2010.01.29 14:09:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Ubisoft
[2010.01.23 14:26:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\vlc
< %APPDATA%\*.exe /s >
[2010.07.19 10:36:56 | 000,272,384 | ---- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Acreon\WowMatrix\Modules\curl.exe
[2010.01.23 14:25:02 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
[2010.01.23 14:25:02 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
[2010.01.23 14:25:02 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
[2010.01.23 14:25:02 | 000,001,078 | R--- | M] () -- C:\Dokumente und Einstellungen\Christoph\Anwendungsdaten\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< MD5 for: AGP440.SYS >
[2004.08.10 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.10 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2004.08.10 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.09.21 09:39:16 | 000,105,344 | R--- | M] (NVIDIA Corporation) MD5=DC1F9954B5EDDD147AF7E5C420BE7B93 -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.10 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.10 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.10 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2004.08.10 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.10 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2015.01.23 17:51:55 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2008.08.21 15:57:41 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.08.21 15:57:41 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.08.21 15:57:41 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:52:10 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2008.04.14 07:52:20 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report > --- --- ---
Extras:OTL Logfile: Code:
OTL Extras logfile created on: 07.10.2010 16:24:16 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = G:\AAAA_Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 116,44 Gb Total Space | 85,06 Gb Free Space | 73,05% Space Free | Partition Type: NTFS
Drive D: | 58,22 Gb Total Space | 53,79 Gb Free Space | 92,40% Space Free | Partition Type: NTFS
Drive E: | 58,22 Gb Total Space | 54,97 Gb Free Space | 94,43% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 64,30 Gb Free Space | 27,61% Space Free | Partition Type: NTFS
Drive H: | 116,50 Gb Total Space | 48,97 Gb Free Space | 42,03% Space Free | Partition Type: NTFS
Drive I: | 116,39 Gb Total Space | 20,72 Gb Free Space | 17,80% Space Free | Partition Type: NTFS
Computer Name: APEVIA
Current User Name: Christoph
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1644491937-839522115-747465256-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
"1876:TCP" = 1876:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"E:\Assassin's Creed\AssassinsCreed_Dx9.exe" = E:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- File not found
"E:\Assassin's Creed\AssassinsCreed_Dx10.exe" = E:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- File not found
"E:\Assassin's Creed\AssassinsCreed_Launcher.exe" = E:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- File not found
"F:\setup\HPZNUI01.EXE" = F:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe -- File not found
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Programme\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20535ABD-7D5E-472E-9077-6AF48480DD82}" = ASUS GameOSD Utility
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{30C50520-1B5E-4FD1-A87B-444F86E21031}" = Nero 7 Premium
"{324CEC09-007A-48eb-90E0-9D42D4D5EB0A}" = NetDeviceManager
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4D612FB2-1AE7-4E46-9377-35BB2F06A787}" = Roxio Media Manager
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5783F2D7-9001-0407-0002-0060B0CE6BBA}" = AutoCAD 2011 - Deutsch
"{5783F2D7-9001-0407-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - Deutsch
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8EA4D12F-1571-4998-9BD1-D20C4A767D24}" = ASUS Utilities
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AFAF626C-D2E6-455C-9A5A-ACDF049A6168}" = ASUS nVidia Driver
"{B0255743-165B-4BD5-8DA8-37DFB9930014}" = Norton Ghost
"{B7FB6B99-C93C-4818-825B-37EF4B64C80C}" = PS_AIO_02_Software
"{B8BF5CD8-B02D-48f9-96A9-7183F868D6EE}" = C6200_Help
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C14266F9-1464-4285-9094-043633EFC3B0}" = C6200
"{C4EE60C6-515F-4BAE-AB76-2D54DBC0875D}" = Trust WB-1200p Mini Webcam
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D25BDCF5-19F6-4d9e-B9C9-273FE81446C4}" = PS_AIO_02_ProductContext
"{D41EB7A7-1AAA-4282-AD6A-1FAC72BE55C5}" = C6200_doccd
"{D64BC2CF-0F12-47d7-B412-B4F3FD684253}" = HP Photosmart All-In-One Software 9.0
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"AutoCAD 2011 - Deutsch" = AutoCAD 2011 - Deutsch
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"cFosSpeed" = cFosSpeed v6.02
"Diablo II" = Diablo II
"DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps (remove only)
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{C4EE60C6-515F-4BAE-AB76-2D54DBC0875D}" = Trust WB-1200p Mini Webcam
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Nero Sipps!UninstallKey" = Nero Sipps
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"QNAPSurveillanceStation" = QNAP Surveillance Station
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TrackMania_is1" = TrackMania
"Vista Rainbar 4.3" = Vista Rainbar 4.3
"VLC media player" = VLC media player 0.9.9
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR Archivierer
"World of Warcraft" = World of Warcraft
"Xilisoft DVD Ripper Platinum 5" = Xilisoft DVD Ripper Platinum 5
"xvid" = XviD MPEG-4 Video Codec
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.10.2010 10:36:30 | Computer Name = APEVIA | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application powerpnt.exe, version 12.0.4518.1014, stamp 45428035,
faulting module ppcore.dll, version 12.0.4518.1014, stamp 454281a3, debug? 0, fault
address 0x001af7b0.
Error - 05.10.2010 12:06:01 | Computer Name = APEVIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3909,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.5512, Fehleradresse 0x0000100b.
Error - 05.10.2010 12:14:15 | Computer Name = APEVIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung fraps.exe, Version 3.2.2.11496, fehlgeschlagenes
Modul fraps.exe, Version 3.2.2.11496, Fehleradresse 0x000616f9.
Error - 05.10.2010 12:23:10 | Computer Name = APEVIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3909,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.5512, Fehleradresse 0x0000100b.
Error - 05.10.2010 14:55:30 | Computer Name = APEVIA | Source = MsiInstaller | ID = 11704
Description = Produkt: NVIDIA Performance -- Fehler 1704. Eine Installation von
BlackBerry Desktop Software 6.0 ist im Augenblick unterbrochen. Sie müssen die von
dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie fortfahren
können. Möchten Sie diese Änderungen rückgängig machen?
Error - 05.10.2010 15:06:15 | Computer Name = APEVIA | Source = Media Center Scheduler | ID = 0
Description =
Error - 05.10.2010 15:14:16 | Computer Name = APEVIA | Source = Media Center Scheduler | ID = 0
Description =
Error - 06.10.2010 11:32:22 | Computer Name = APEVIA | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028,
faulting module hpz3r5ha.dll, version 61.71.244.0, stamp 45f91d42, debug? 0, fault
address 0x000467e8.
Error - 06.10.2010 11:32:26 | Computer Name = APEVIA | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application powerpnt.exe, version 12.0.4518.1014, stamp 45428035,
faulting module ppcore.dll, version 12.0.4518.1014, stamp 454281a3, debug? 0, fault
address 0x001af7b0.
Error - 06.10.2010 16:21:07 | Computer Name = APEVIA | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application powerpnt.exe, version 12.0.4518.1014, stamp 45428035,
faulting module ppcore.dll, version 12.0.4518.1014, stamp 454281a3, debug? 0, fault
address 0x001af7b0.
[ System Events ]
Error - 05.10.2010 15:02:21 | Computer Name = APEVIA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 05.10.2010 15:05:46 | Computer Name = APEVIA | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Roxio
Hard Drive Watcher 9.
Error - 05.10.2010 15:13:44 | Computer Name = APEVIA | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Roxio
Hard Drive Watcher 9.
Error - 06.10.2010 09:57:07 | Computer Name = APEVIA | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 10.0.0.4 über die Netzwerkkarte
mit der Netzwerkadresse 001D60EE3039 ist verloren gegangen.
Error - 06.10.2010 09:57:22 | Computer Name = APEVIA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 06.10.2010 11:15:27 | Computer Name = APEVIA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 06.10.2010 11:15:40 | Computer Name = APEVIA | Source = Service Control Manager | ID = 7034
Description = Dienst "HTTP-SSL" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 06.10.2010 15:36:10 | Computer Name = APEVIA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 07.10.2010 10:21:14 | Computer Name = APEVIA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 07.10.2010 10:21:34 | Computer Name = APEVIA | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst stisvc.
< End of report > --- --- ---
ps: was macht eig dieses prog? |