Hallo Arne,
super vielen Dank für euren tollen Dienst hier!
Hoffe, ich habe soweit alles befolgt:
nachstehend der Vollscan mit Malwarebytes von heute (aktualisiert). Danach dann die OTL Logfiles. Würde mich sehr freuen zu hören, ob und wie es weiter gehen kann!!!! Danke Euch
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5150
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
19.11.2010 17:08:32
mbam-log-2010-11-19 (17-08-32).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 251462
Laufzeit: 1 Stunde(n), 7 Minute(n), 19 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\System Volume Information\_restore{24289D6B-06F0-4CA6-9916-0832760BBC54}\RP764\A0082731.exe (Adware.ADON) -> Quarantined and deleted successfully. OTLOTL Logfile: Code:
OTL Extras logfile created on: 19.11.2010 17:20:27 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\Mustermann\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
511,00 Mb Total Physical Memory | 46,00 Mb Available Physical Memory | 9,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 125,46 Gb Total Space | 31,72 Gb Free Space | 25,28% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 6,52 Gb Free Space | 6,68% Space Free | Partition Type: NTFS
Drive E: | 9,76 Gb Total Space | 9,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive I: | 1,83 Gb Total Space | 1,83 Gb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: NAME-4E62F3A7F1 | User Name: Mustermann| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [dm Fotowelt] -- "C:\Programme\dm\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm Fotowelt.exe] -- "C:\Programme\dm\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1935:TCP" = 1935:TCP:*:Enabled:Port
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\AOL.exe" = %ProgramFiles%\AOL 9.0\AOL.exe:*:enabled:AOL 9.0 -- File not found
"%ProgramFiles%\AOL 9.0\WAOL.exe" = %ProgramFiles%\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0 -- File not found
"%CommonProgramFiles%\AOL\ACS\AOLACSD.exe" = %CommonProgramFiles%\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service) -- File not found
"%CommonProgramFiles%\AOL\ACS\AOLDIAL.exe" = %CommonProgramFiles%\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer) -- File not found
"%WinDir%\system32\fxsclnt.exe" = %WinDir%\system32\fxsclnt.exe:*:enabled:Microsoft Fax Console -- (Microsoft Corporation)
"%ProgramFiles%\CA\eTrust Antivirus\InocIT.exe" = %ProgramFiles%\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner -- File not found
"%ProgramFiles%\CA\eTrust Antivirus\Realmon.exe" = %ProgramFiles%\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor -- File not found
"%ProgramFiles%\CA\eTrust Antivirus\InoRpc.exe" = %ProgramFiles%\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server -- File not found
"%ProgramFiles%\IVT Corporation\BlueSoleil\BlueSoleil.exe" = %ProgramFiles%\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:enabled:BlueSoleil -- (IVT Corporation)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials -- (Nero AG)
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Disabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Disabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Disabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe:*:Disabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Disabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Disabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Disabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:Bluetooth Application -- (IVT Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05440044-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Enzyklopädie 2005
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FF1922C-B6C4-40BB-AF30-BEF75A482444}" = Nokia Connectivity Cable Driver
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1B58C9D2-1925-413F-B29A-C4E7596C43F5}" = Nokia PC Suite
"{1E02403C-C469-4937-9B94-7DF9F78888FA}" = Smart Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{261D0486-9127-4071-BA1D-FE784310752E}" = videon
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema 3.0
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200}" = CA Licensing
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D1A6B70-3E02-49BC-88B0-916C80274632}" = Informationen über Ihren PC
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.0.1.9
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{44E6DE02-8C0D-4A23-8675-2BB1F78B53BC}" = Dynamic Photo Manager
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{54521902-EBDE-4F69-B524-3F2FFBCE357E}" = Lernspaß kompakt Mathe 1
"{5490B6EF-5A48-40B7-A9E0-D3B886D17A29}" = RT2500 USB Wireless LAN Card
"{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F70EF2E-DE5D-4CE7-B92A-9F1FC0EE3CA7}" = InterVideo DVDCopy 4
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{67E4EE98-59F4-4220-89A6-A20AF5BEC689}" = Microsoft AutoRoute 2005
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Home Cinema
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{78EFA95D-3310-4035-815B-A46BA4D0C6FA}" = VOB2MPG 2.5
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8CD9282B-A8F4-4A6D-A11C-6B9738975B00}" = WISO Mein Geld 5
"{8FBC9407-713D-4B8A-98D2-57210DA56049}" = MSN Toolbar
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600133}" = MSN Messenger 6.2
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B28B351F-1232-46EA-85EF-B8EA91641031}" = Nero 7 Essentials
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C438DF2B-C5DF-4783-9CA5-9B89E501FA62}" = Works Update
"{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C9E91711-8600-4919-AEF0-D4821F886797}_is1" = Gigaflat
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD815603-AB71-4CFB-B3AC-522298037ACC}" = W83L518D
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1955A3A-EA24-4682-8641-43B5B688B09A}" = USB Wireless Keyboard Driver
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D8E4A66D-DB68-481F-ABA8-AC622566D4CB}" = PC Connectivity Solution
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E20AF7D9-BD01-4BC2-A880-F2624E86A0F4}" = Dynamic Photo Manager
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Generic USB CardReader 2.0
"{EABE2A27-9452-472E-9389-EFF410E956E1}" = DeviceControl
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"4CFD94C379217A02D5EA067615FF789CD731BCDB" = Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.04
"Audiograbber" = Audiograbber 1.83 SE
"Avi2Dvd" = Avi2Dvd 0.4.5 beta
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"Creatix V.92 Data Fax Modem" = Creatix V.92 Data Fax Modem
"CSCLIB" = Canon Camera Support Core Library
"DivX Setup.divx.com" = DivX-Setup
"dm Fotowelt" = dm Fotowelt
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVDFab 8_is1" = DVDFab 8.0.2.1 (30/09/2010)
"EOS Utility" = Canon Utilities EOS Utility
"Froggit v4.2" = Froggit v4.2
"Google Chrome" = Google Chrome
"Hardcopy(C__Programme_Hardcopy)" = Hardcopy (C:\Programme\Hardcopy)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"JägermeisterRadioPlayer_is1" = Jägermeister RadioPlayer Version 2.00.4
"LetsTrade" = LetsTrade Komponenten
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.2
"MAGIX Fotos auf CD & DVD 7 D" = MAGIX Fotos auf CD & DVD 7 7.0.2.0 (D)
"MAGIX Goya burnR D" = MAGIX Goya burnR 1.3.1.3 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX Screenshare D" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAVIGON Fresh" = NAVIGON Fresh 3.2.0
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Rossmann Fotoservice_is1" = Rossmann Fotoservice
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"StreetPlugin" = Learn2 Player (Uninstall Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2005Setup" = Setup-Start von Microsoft Works 2005
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"X10Hardware" = X10 Hardware(TM)
"XP Codec Pack" = XP Codec Pack
"Yahoo! Companion" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.7
"Zahlenbuch 1" = Zahlenbuch 1
"Zahlenbuch 2" = Zahlenbuch 2
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.10.2010 13:54:30 | Computer Name = NAME-4E62F3A7F1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung PowerDVD.exe, Version 5.0.0.1817, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 03.11.2010 14:35:07 | Computer Name = NAME-4E62F3A7F1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 05.11.2010 03:35:11 | Computer Name = NAME-4E62F3A7F1 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 05.11.2010 03:35:11 | Computer Name = NAME-4E62F3A7F1 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 07.11.2010 12:15:58 | Computer Name = NAME-4E62F3A7F1 | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Word.
Error - 08.11.2010 12:12:17 | Computer Name = NAME-4E62F3A7F1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 15.11.2010 12:06:57 | Computer Name = NAME-4E62F3A7F1 | Source = ESENT | ID = 490
Description = svchost (948) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 18.11.2010 12:09:21 | Computer Name = NAME-4E62F3A7F1 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 18.11.2010 15:24:59 | Computer Name = NAME-4E62F3A7F1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung WINWORD.EXE, Version 10.0.6612.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 18.11.2010 15:44:28 | Computer Name = NAME-4E62F3A7F1 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 18.11.2010 16:23:48 | Computer Name = NAME-4E62F3A7F1 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 19.11.2010 05:00:25 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:00:27 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:06:44 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:06:47 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:09:37 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:09:40 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:51:09 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 05:51:12 | Computer Name = NAME-4E62F3A7F1 | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek Generic MS/SD CombMMC/SD USB Device nicht laden.
Error - 19.11.2010 12:15:28 | Computer Name = NAME-4E62F3A7F1 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 19.11.2010 17:20:27 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\Mustermann\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
511,00 Mb Total Physical Memory | 46,00 Mb Available Physical Memory | 9,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 125,46 Gb Total Space | 31,72 Gb Free Space | 25,28% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 6,52 Gb Free Space | 6,68% Space Free | Partition Type: NTFS
Drive E: | 9,76 Gb Total Space | 9,76 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive I: | 1,83 Gb Total Space | 1,83 Gb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: NAME-4E62F3A7F1 | User Name: Mustermann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Mustermann\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Jägermeister\ps_timer.exe (phonostar)
PRC - C:\Programme\Jägermeister\ps_agent.exe (phonostar)
PRC - C:\Programme\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
PRC - C:\Programme\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)
PRC - C:\WINDOWS\mHotkey.exe (Chicony)
PRC - C:\WINDOWS\CNYHKey.exe (Chicony)
PRC - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe (Computer Associates)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Mustermann\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Hardcopy\HcDLL2_26_Win32.dll ()
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
MOD - C:\Programme\CyberLink\Shared Files\CLRCEngine.dll (CyberLink Corp.)
MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\mfc42loc.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\hid.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\umdmxfrm.dll (Microsoft Corporation)
MOD - C:\WINDOWS\HKCYDLL.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (UPnPService) -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (CA_LIC_SRVR) -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe (Computer Associates)
SRV - (LogWatch) -- C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe (Computer Associates)
SRV - (CA_LIC_CLNT) -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe (Computer Associates)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (USBAAPL) -- C:\WINDOWS\System32\Drivers\usbaapl.sys File not found
DRV - (CardReaderFilter) -- C:\WINDOWS\system32\drivers\USBCRFT.SYS (ICSI Technology Ltd.)
DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (Nokia USB Phone Parent) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (Nokia USB Port) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
DRV - (Nokia USB Modem) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (Nokia USB Generic) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (cmudax) -- C:\WINDOWS\system32\drivers\cmudax.sys (C-Media Inc.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\packet.sys ()
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys ()
DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (RT2500USB) -- C:\WINDOWS\system32\drivers\rt2500usb.sys (Ralink Technology Inc.)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (UKBFLT) -- C:\WINDOWS\system32\drivers\UKBFLT.sys (Chicony)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (wbscr) -- C:\WINDOWS\system32\drivers\wbscr.sys (Winbond Electronics Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.08 19:01:10 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe (Chicony)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ledpointer] C:\WINDOWS\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Programme\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKCU..\Run: [AOLMIcon] C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [PhonostarAgent] C:\Programme\Jägermeister\ps_agent.exe (phonostar)
O4 - HKCU..\Run: [PhonostarTimer] C:\Programme\Jägermeister\ps_timer.exe (phonostar)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Mustermann\Startmenü\Programme\Autostart\Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} hxxp://software-dl.real.com/12b59a1dbbc2c6658a05/netzip/RdxIE601_de.cab (RdxIE Class)
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1097566082250 (WUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.27 18:48:54 | 000,000,150 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8d49a18a-2eb1-11df-9407-001109506ad0}\Shell\AutoRun\command - "" = L:\installer.exe -- File not found
O33 - MountPoints2\{8d49a18a-2eb1-11df-9407-001109506ad0}\Shell\verb\command - "" = L:\installer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.19 14:51:47 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mustermann\Desktop\OTL.exe
[2010.11.18 21:39:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\SUPERAntiSpyware.com
[2010.11.18 21:39:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2010.11.18 21:39:10 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.11.18 21:06:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\Malwarebytes
[2010.11.18 21:05:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.18 21:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.11.18 21:05:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.18 21:05:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.18 17:13:43 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010.11.18 17:13:38 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.11.18 17:09:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\Sunbelt Software
[2010.11.18 17:08:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2010.11.18 17:07:28 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.11.18 17:07:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2010.11.14 17:13:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Mustermann\Recent
[2010.11.05 08:46:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.11.05 08:38:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\Avira
[2010.11.05 08:04:21 | 000,000,000 | ---D | C] -- C:\Programme\NAVIGON
[2010.10.22 15:05:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\Xara
[2010.10.22 15:05:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\3D_Maker_embeded
[2010.10.22 15:03:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\MAGIX_Fotos_auf_CD_DVD_9_Download-Version
[2010.10.22 15:00:35 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Services
[2010.10.22 13:32:26 | 000,000,000 | ---D | C] -- C:\Programme\DVDFab 8
[2010.10.19 12:42:16 | 000,022,520 | ---- | C] (Fengtao Software Inc.) -- C:\Programme\DVDFabShellEx.dll
[2010.09.10 16:36:46 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.sys
[2009.09.04 18:01:10 | 000,525,656 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2009.09.04 18:01:08 | 001,691,464 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2009.09.04 18:01:08 | 000,094,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2 C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.19 17:17:03 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.11.19 17:14:07 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\System32\drivers\USBCRFT.SYS
[2010.11.19 17:14:03 | 000,007,275 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.11.19 17:14:03 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.19 17:13:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.19 17:13:53 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.19 17:10:31 | 000,034,514 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\wklnhst.dat
[2010.11.19 16:52:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.19 14:51:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mustermann\Desktop\OTL.exe
[2010.11.18 21:39:13 | 000,001,646 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.18 21:32:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.18 21:06:01 | 000,000,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.18 20:32:30 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010.11.18 17:13:38 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.11.18 17:08:10 | 000,000,851 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2010.11.08 19:53:20 | 000,001,781 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2010.11.07 20:24:23 | 000,000,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\default.pls
[2010.11.07 20:22:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.05 08:42:51 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.11.05 08:42:51 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.11.05 08:05:23 | 000,000,920 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NAVIGON Fresh.lnk
[2010.10.31 09:11:33 | 000,454,160 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.31 09:11:33 | 000,436,790 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.31 09:11:33 | 000,083,324 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.31 09:11:33 | 000,070,110 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.28 17:09:50 | 000,079,360 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.23 07:46:03 | 000,343,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.22 13:32:35 | 000,000,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Desktop\DVDFab 8.lnk
[2010.10.22 12:41:27 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\inst.exe
[2010.10.22 12:41:27 | 000,047,360 | ---- | M] (VSO Software) -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.sys
[2010.10.22 12:41:27 | 000,007,887 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.cat
[2010.10.22 12:41:26 | 000,001,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.inf
[2 C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Mustermann\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.18 21:39:13 | 000,001,646 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.18 21:06:01 | 000,000,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.18 20:32:30 | 000,001,770 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk
[2010.11.18 20:22:24 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.11.18 17:14:23 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.11.18 17:08:10 | 000,000,851 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2010.11.05 08:05:23 | 000,000,920 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NAVIGON Fresh.lnk
[2010.10.22 13:32:35 | 000,000,646 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Desktop\DVDFab 8.lnk
[2010.09.10 16:36:53 | 000,000,033 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.log
[2010.09.10 16:36:46 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\inst.exe
[2010.09.10 16:36:46 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.cat
[2010.09.10 16:36:46 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\pcouffin.inf
[2010.09.08 18:51:51 | 000,000,727 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2010.05.21 10:11:30 | 000,000,016 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\qvjsge.dat
[2009.11.22 10:36:00 | 000,005,052 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xqkcebzs.dik
[2009.09.04 18:01:20 | 001,550,796 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x86.cab
[2009.09.04 18:01:20 | 001,412,894 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2009.09.04 18:01:20 | 001,127,209 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2009.09.04 18:01:20 | 000,994,154 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x64.cab
[2009.09.04 18:01:20 | 000,273,960 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x64.cab
[2009.09.04 18:01:20 | 000,272,603 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x86.cab
[2009.09.04 18:01:20 | 000,182,361 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2009.09.04 18:01:20 | 000,138,009 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2009.09.04 18:01:20 | 000,121,786 | ---- | C] () -- C:\Programme\Nov2008_XACT_x64.cab
[2009.09.04 18:01:20 | 000,092,676 | ---- | C] () -- C:\Programme\Nov2008_XACT_x86.cab
[2009.09.04 18:01:20 | 000,086,029 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2009.09.04 18:01:20 | 000,054,522 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x64.cab
[2009.09.04 18:01:20 | 000,045,351 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2009.09.04 18:01:20 | 000,021,843 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x86.cab
[2009.09.04 18:01:18 | 001,906,870 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x64.cab
[2009.09.04 18:01:18 | 001,802,058 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x64.cab
[2009.09.04 18:01:18 | 001,709,360 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x86.cab
[2009.09.04 18:01:18 | 000,965,421 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x86.cab
[2009.09.04 18:01:18 | 000,803,876 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x86.cab
[2009.09.04 18:01:18 | 000,196,754 | ---- | C] () -- C:\Programme\NOV2007_XACT_x64.cab
[2009.09.04 18:01:18 | 000,148,264 | ---- | C] () -- C:\Programme\NOV2007_XACT_x86.cab
[2009.09.04 18:01:18 | 000,046,144 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x64.cab
[2009.09.04 18:01:18 | 000,018,496 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x86.cab
[2009.09.04 18:01:14 | 001,973,702 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x64.cab
[2009.09.04 18:01:14 | 001,612,446 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x86.cab
[2009.09.04 18:01:14 | 001,067,160 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x64.cab
[2009.09.04 18:01:14 | 001,040,737 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x86.cab
[2009.09.04 18:01:14 | 000,864,600 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x64.cab
[2009.09.04 18:01:14 | 000,275,036 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x64.cab
[2009.09.04 18:01:14 | 000,273,010 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x86.cab
[2009.09.04 18:01:14 | 000,251,186 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x64.cab
[2009.09.04 18:01:14 | 000,226,242 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x86.cab
[2009.09.04 18:01:14 | 000,122,336 | ---- | C] () -- C:\Programme\Mar2008_XACT_x64.cab
[2009.09.04 18:01:14 | 000,121,506 | ---- | C] () -- C:\Programme\Mar2009_XACT_x64.cab
[2009.09.04 18:01:14 | 000,093,726 | ---- | C] () -- C:\Programme\Mar2008_XACT_x86.cab
[2009.09.04 18:01:14 | 000,092,732 | ---- | C] () -- C:\Programme\Mar2009_XACT_x86.cab
[2009.09.04 18:01:14 | 000,054,600 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x64.cab
[2009.09.04 18:01:14 | 000,021,867 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x86.cab
[2009.09.04 18:01:14 | 000,021,298 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x86.cab
[2009.09.04 18:01:12 | 001,769,862 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x64.cab
[2009.09.04 18:01:12 | 001,443,274 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x86.cab
[2009.09.04 18:01:12 | 000,844,884 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x64.cab
[2009.09.04 18:01:12 | 000,818,260 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x86.cab
[2009.09.04 18:01:12 | 000,269,620 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x64.cab
[2009.09.04 18:01:12 | 000,269,016 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x86.cab
[2009.09.04 18:01:12 | 000,121,054 | ---- | C] () -- C:\Programme\JUN2008_XACT_x64.cab
[2009.09.04 18:01:12 | 000,093,128 | ---- | C] () -- C:\Programme\JUN2008_XACT_x86.cab
[2009.09.04 18:01:12 | 000,055,050 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x64.cab
[2009.09.04 18:01:12 | 000,021,905 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x86.cab
[2009.09.04 18:01:10 | 001,792,600 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x64.cab
[2009.09.04 18:01:10 | 001,607,766 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab
[2009.09.04 18:01:10 | 001,607,278 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab
[2009.09.04 18:01:10 | 001,463,878 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x86.cab
[2009.09.04 18:01:10 | 001,362,796 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab
[2009.09.04 18:01:10 | 001,336,002 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2009.09.04 18:01:10 | 001,064,925 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2009.09.04 18:01:10 | 000,867,828 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x64.cab
[2009.09.04 18:01:10 | 000,849,919 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x86.cab
[2009.09.04 18:01:10 | 000,699,044 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab
[2009.09.04 18:01:10 | 000,698,464 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab
[2009.09.04 18:01:10 | 000,197,114 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab
[2009.09.04 18:01:10 | 000,178,359 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab
[2009.09.04 18:01:10 | 000,152,901 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab
[2009.09.04 18:01:10 | 000,055,154 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x64.cab
[2009.09.04 18:01:08 | 013,264,168 | ---- | C] () -- C:\Programme\dxnt.cab
[2009.09.04 18:01:08 | 001,247,499 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2009.09.04 18:01:08 | 001,084,712 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab
[2009.09.04 18:01:08 | 001,013,225 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2009.09.04 18:01:08 | 000,194,667 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab
[2009.09.04 18:01:08 | 000,180,777 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab
[2009.09.04 18:01:08 | 000,147,983 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab
[2009.09.04 18:01:08 | 000,133,663 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab
[2009.09.04 18:01:08 | 000,132,409 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab
[2009.09.04 18:01:08 | 000,095,637 | ---- | C] () -- C:\Programme\dxupdate.cab
[2009.09.04 18:01:08 | 000,044,440 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2009.09.04 18:01:06 | 000,145,591 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab
[2009.09.04 18:01:04 | 003,319,732 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x86.cab
[2009.09.04 18:01:04 | 003,112,103 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x64.cab
[2009.09.04 18:01:04 | 001,574,376 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab
[2009.09.04 18:01:04 | 001,571,154 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab
[2009.09.04 18:01:04 | 001,357,968 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2009.09.04 18:01:04 | 001,155,483 | ---- | C] () -- C:\Programme\BDANT.cab
[2009.09.04 18:01:04 | 001,079,448 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2009.09.04 18:01:04 | 000,975,148 | ---- | C] () -- C:\Programme\BDAXP.cab
[2009.09.04 18:01:04 | 000,930,108 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x64.cab
[2009.09.04 18:01:04 | 000,919,036 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x64.cab
[2009.09.04 18:01:04 | 000,900,598 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x86.cab
[2009.09.04 18:01:04 | 000,728,456 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x86.cab
[2009.09.04 18:01:04 | 000,273,264 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x64.cab
[2009.09.04 18:01:04 | 000,272,634 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x86.cab
[2009.09.04 18:01:04 | 000,271,404 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x64.cab
[2009.09.04 18:01:04 | 000,271,038 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x86.cab
[2009.09.04 18:01:04 | 000,232,635 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x64.cab
[2009.09.04 18:01:04 | 000,212,799 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab
[2009.09.04 18:01:04 | 000,192,467 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab
[2009.09.04 18:01:04 | 000,192,131 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x86.cab
[2009.09.04 18:01:04 | 000,191,712 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab
[2009.09.04 18:01:04 | 000,136,301 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x64.cab
[2009.09.04 18:01:04 | 000,122,408 | ---- | C] () -- C:\Programme\Aug2009_XACT_x64.cab
[2009.09.04 18:01:04 | 000,121,764 | ---- | C] () -- C:\Programme\Aug2008_XACT_x64.cab
[2009.09.04 18:01:04 | 000,105,036 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x86.cab
[2009.09.04 18:01:04 | 000,093,098 | ---- | C] () -- C:\Programme\Aug2009_XACT_x86.cab
[2009.09.04 18:01:04 | 000,092,996 | ---- | C] () -- C:\Programme\Aug2008_XACT_x86.cab
[2009.09.04 18:01:02 | 001,464,664 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x86.cab
[2009.09.04 18:01:00 | 001,800,152 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x64.cab
[2009.09.04 18:01:00 | 001,794,076 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x64.cab
[2009.09.04 18:01:00 | 001,708,144 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x86.cab
[2009.09.04 18:01:00 | 001,350,534 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2009.09.04 18:01:00 | 001,077,644 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2009.09.04 18:01:00 | 000,867,604 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x64.cab
[2009.09.04 18:01:00 | 000,852,286 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x64.cab
[2009.09.04 18:01:00 | 000,849,167 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x86.cab
[2009.09.04 18:01:00 | 000,796,859 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x86.cab
[2009.09.04 18:01:00 | 000,198,088 | ---- | C] () -- C:\Programme\AUG2007_XACT_x64.cab
[2009.09.04 18:01:00 | 000,182,903 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2009.09.04 18:01:00 | 000,153,004 | ---- | C] () -- C:\Programme\AUG2007_XACT_x86.cab
[2009.09.04 18:01:00 | 000,137,235 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2009.09.04 18:01:00 | 000,096,817 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2009.09.04 18:01:00 | 000,087,142 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2009.09.04 18:01:00 | 000,053,294 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2009.09.04 18:01:00 | 000,046,058 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2009.09.04 18:00:58 | 004,162,630 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2009.09.04 18:00:58 | 001,607,358 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2009.09.04 18:00:58 | 001,606,031 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2009.09.04 18:00:58 | 000,916,430 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2009.09.04 18:00:58 | 000,698,612 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2009.09.04 18:00:58 | 000,695,857 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2009.09.04 18:00:58 | 000,195,758 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2009.09.04 18:00:58 | 000,179,125 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2009.09.04 18:00:58 | 000,151,225 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2009.09.04 18:00:58 | 000,133,095 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2009.09.04 18:00:58 | 000,087,101 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2009.09.04 18:00:58 | 000,046,002 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2009.09.04 18:00:56 | 001,397,822 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2009.09.04 18:00:56 | 001,347,354 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2009.09.04 18:00:56 | 001,115,221 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2009.09.04 18:00:56 | 001,078,954 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2009.04.15 19:57:44 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.10 13:12:39 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.04.10 13:08:00 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.23 11:52:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.10 20:09:03 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\TheLastRipper.xml
[2008.06.05 05:49:17 | 000,004,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\NMM-MetaData.db
[2008.05.06 17:07:01 | 000,000,073 | ---- | C] () -- C:\WINDOWS\ben5.ini
[2008.05.05 20:30:33 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008.05.05 20:30:03 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.04.14 19:35:30 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.04.14 19:35:30 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.04.14 19:35:30 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.04.14 19:35:30 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.04.14 19:35:30 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.03.24 12:08:46 | 000,000,022 | ---- | C] () -- C:\WINDOWS\lmps.INI
[2008.02.16 16:42:45 | 000,000,570 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\AutoGK.ini
[2008.01.27 17:36:26 | 000,000,071 | ---- | C] () -- C:\WINDOWS\benEdu2.ini
[2007.11.28 20:13:43 | 000,033,649 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\mdb.bin
[2007.11.25 10:56:30 | 000,034,514 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Anwendungsdaten\wklnhst.dat
[2007.11.13 17:16:03 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.11.13 17:01:37 | 000,004,585 | ---- | C] () -- C:\WINDOWS\hpdj5100.ini
[2007.11.13 16:47:27 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007.11.13 14:24:39 | 000,079,360 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.13 14:24:39 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Mustermann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.12.07 10:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004.10.27 20:14:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2004.10.18 00:12:17 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WISO.INI
[2004.10.17 23:32:19 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004.10.17 18:30:59 | 000,005,224 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2004.10.17 18:30:59 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\32828BBAAC.sys
[2004.10.17 17:02:06 | 000,013,299 | ---- | C] () -- C:\WINDOWS\System32\drivers\packet.sys
[2004.10.17 17:02:06 | 000,011,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2004.10.13 11:33:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.10.12 11:46:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\GetOSVer.dll
[2004.10.12 11:39:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2004.10.12 10:22:46 | 000,000,429 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004.10.12 07:02:59 | 000,000,047 | ---- | C] () -- C:\WINDOWS\InoSetup.ini
[2004.10.12 06:44:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\CNYUSB.dll
[2004.10.12 06:44:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKCYDLL.dll
[2004.10.12 06:44:14 | 000,000,360 | ---- | C] () -- C:\WINDOWS\CNYHKey.ini
[2004.10.12 06:44:13 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2004.10.12 06:44:13 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2004.10.12 06:43:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Install2500USB.dll
[2004.10.12 06:43:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll
[2004.10.12 06:41:32 | 000,000,269 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2004.10.12 06:30:55 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.10.12 04:46:14 | 000,000,970 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004.10.11 20:51:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.10.11 20:03:15 | 000,000,892 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.10.10 21:39:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.10.01 15:35:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2004.09.28 22:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\explorer.exe: SummaryInformation
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8
< End of report >
--- --- --- |
