| Schwubbel | 29.12.2010 17:41 |
Hier ist das Ergebnis von OTL.txt:OTL Logfile: Code:
OTL logfile created on: 29.12.2010 17:15:25 - Run 1
OTL by OldTimer - Version 3.2.18.1 Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,88 Gb Total Space | 61,49 Gb Free Space | 54,96% Space Free | Partition Type: NTFS
Drive D: | 111,00 Gb Total Space | 102,22 Gb Free Space | 92,09% Space Free | Partition Type: NTFS
Drive F: | 614,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1396,61 Gb Total Space | 1267,48 Gb Free Space | 90,75% Space Free | Partition Type: NTFS
Drive H: | 3,73 Gb Total Space | 3,32 Gb Free Space | 89,19% Space Free | Partition Type: FAT32
Drive I: | 504,97 Mb Total Space | 254,88 Mb Free Space | 50,47% Space Free | Partition Type: FAT
Computer Name: HEIM-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.29 16:45:08 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2010.11.10 16:20:54 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010.05.28 14:45:20 | 002,480,048 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.03.15 09:46:54 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.11.13 11:29:40 | 002,057,536 | ---- | M] (WDC) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009.11.13 11:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.11.12 13:48:56 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2009.10.31 04:48:42 | 000,362,032 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.10.31 04:48:40 | 000,661,072 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009.10.31 04:48:08 | 005,140,952 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.15 13:43:46 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Programme\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2009.06.16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009.05.27 02:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009.05.26 20:16:31 | 001,468,296 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2009.05.21 19:25:15 | 001,501,064 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe
PRC - [2009.05.19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.11 07:28:15 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
PRC - [2009.04.11 07:28:06 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\TabTip.exe
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008.07.22 21:44:06 | 000,357,376 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2008.06.06 11:42:10 | 000,324,096 | ---- | M] (Portrait Displays, Inc) -- C:\Programme\Acer Display\eDisplay Management\dthtml.exe
PRC - [2008.06.06 11:40:00 | 000,069,632 | ---- | M] () -- C:\Programme\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008.06.06 11:39:52 | 000,114,688 | ---- | M] (Portrait Displays Inc.) -- C:\Programme\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2008.05.23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.05.23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.05.22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.04.25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008.04.17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.04.17 03:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.03 09:45:36 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PCM4Everio\EverioService.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.07.04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2007.04.12 14:21:16 | 000,033,280 | R--- | M] () -- C:\Programme\Prolific\PL2571 One Button\OneBtn.exe
PRC - [2007.02.09 12:17:30 | 000,694,008 | ---- | M] () -- C:\Programme\Portrait Displays\Pivot Software\Floater.exe
PRC - [2007.02.09 12:17:26 | 000,694,008 | ---- | M] () -- C:\Programme\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2006.10.11 11:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005.02.16 15:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\issch.exe
========== Modules (SafeList) ==========
MOD - [2010.12.29 16:45:08 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009.04.11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\tiptsf.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.11.10 16:20:54 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010.05.28 14:45:20 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.13 11:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.11.12 13:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.10.31 04:48:40 | 000,661,072 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.15 13:43:46 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Programme\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2009.06.16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009.05.19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.06.06 11:40:00 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008.05.23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.05.23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\xxx\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS -- (ADDMEM)
DRV - [2010.10.01 10:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010.06.09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010.06.09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010.05.28 14:45:21 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.05.28 14:45:15 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV - [2010.05.28 14:45:07 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.05.28 14:44:47 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.04.22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009.12.17 16:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.11.02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.07.15 13:43:32 | 000,017,136 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2009.06.26 21:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.05.09 02:14:21 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2009.02.13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009.01.29 16:15:54 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2008.07.27 04:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.07.22 15:33:02 | 000,319,000 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.05.20 20:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.17 08:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.05 06:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302)
DRV - [2008.02.14 00:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.28 02:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007.10.26 06:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.07.15 23:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007.07.15 23:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007.05.23 09:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2007.03.14 14:34:16 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007.03.14 14:34:16 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006.11.28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006.10.19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2004.04.20 09:05:10 | 000,057,404 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2004.04.20 09:04:56 | 000,024,209 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\SAMSUNG NOTEBOOK PC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\SAMSUNG NOTEBOOK PC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Ixquick HTTPS - Deutsch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://ixquick.com/deu/advanced-search.html"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.63
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.8.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.12.13 18:42:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.11 10:02:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 10:02:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.29 09:46:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_2_x [2010.10.16 14:10:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_3_1_x [2010.10.16 14:10:39 | 000,000,000 | ---D | M]
[2010.06.03 08:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2010.06.03 08:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.28 17:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions
[2010.05.01 09:20:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.15 10:04:36 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.18 21:43:21 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.05.23 21:30:22 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2008.12.11 10:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ahpwftci.default\extensions\toolbar_extras@de.yahoo.com
[2010.12.28 17:49:37 | 000,001,617 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\FireFox\Profiles\ahpwftci.default\searchplugins\ixquick-https---deutsch.xml
[2010.10.25 19:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.06.21 09:13:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.25 19:05:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.10.16 14:14:11 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010.10.16 14:14:04 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2008.12.11 10:00:54 | 000,000,000 | ---D | M] (Yahoo! Deutschland Toolbar und Extras) -- C:\Programme\Mozilla Firefox\extensions\toolbar_extras@de.yahoo.com
[2008.12.28 12:32:01 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.30 11:27:27 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.05 09:43:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.02 20:54:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.03.31 14:15:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.06.21 09:13:17 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.25 19:05:17 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.10.16 14:14:11 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\KAVANTIBANNER@KASPERSKY.RU
[2010.10.16 14:14:04 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\LINKFILTER@KASPERSKY.RU
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.20 10:49:24 | 000,164,120 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
[2010.10.28 15:56:03 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.28 15:56:04 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.28 15:56:04 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.28 15:56:04 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.28 15:56:04 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [Prolific2571_OneButton] C:\Programme\Prolific\PL2571 One Button\OneBtn.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer - Verknüpfung.lnk = C:\Windows\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox - Verknüpfung.lnk = C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK - Verknüpfung.lnk = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WINWORD - Verknüpfung.lnk = C:\Programme\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Markierte Adresse als Outlook-Kontakt speichern - C:\Programme\SmartTools\Outlook Add-Ins\STPAdrAssIE.hat ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: spdfraktion.de ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxx\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.18 22:12:18 | 000,000,088 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{22ce95ce-1656-11de-96b2-dd8507f2d85c}\Shell - "" = AutoRun
O33 - MountPoints2\{22ce95ce-1656-11de-96b2-dd8507f2d85c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5d058ec2-52a3-11df-9e52-be1537730927}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found
O33 - MountPoints2\{c53a50df-47bd-11df-b438-854fa22717a2}\Shell\AutoRun\command - "" = F:\Menu.exe -- File not found
O33 - MountPoints2\{d28da225-3009-11df-96f2-f4f547d85e09}\Shell - "" = AutoRun
O33 - MountPoints2\{d28da225-3009-11df-96f2-f4f547d85e09}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{d28da234-3009-11df-96f2-f4f547d85e09}\Shell - "" = AutoRun
O33 - MountPoints2\{d28da234-3009-11df-96f2-f4f547d85e09}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009.11.13 20:25:22 | 003,280,672 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.clmp3enc - C:\Programme\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.12.29 16:48:59 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2010.12.29 16:48:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.29 16:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.29 16:48:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.29 16:48:35 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.29 16:45:06 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2010.12.19 13:22:25 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.12.19 09:25:22 | 000,000,000 | ---D | C] -- C:\Programme\TORPIDRemoval Tool
[2010.12.18 22:32:22 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2010.12.18 22:32:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Anti-Malware
[2010.12.13 18:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010.12.13 18:44:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\HP
[2010.12.13 18:43:57 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\HP
[2010.12.13 18:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010.12.13 18:36:29 | 000,000,000 | ---D | C] -- C:\Windows\hpojp8500a909
[2010.12.13 18:09:17 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\HP
[2010.12.13 18:09:16 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Hewlett-Packard
[2010.12.13 18:09:14 | 000,000,000 | ---D | C] -- C:\Programme\Hewlett-Packard
[2010.12.13 18:06:42 | 000,000,000 | ---D | C] -- C:\Programme\HP
[2010.12.13 18:06:39 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010.12.13 18:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2008.10.21 10:35:24 | 000,018,944 | ---- | C] ( ) -- C:\Windows\System32\Implode.dll
[2006.11.24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006.11.24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.29 17:19:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{45854332-AB94-4EFA-9AE5-7D51D14556BA}.job
[2010.12.29 17:15:10 | 035,316,736 | ---- | M] () -- C:\Users\xxx\Desktop\laufendeGeschichten.pst
[2010.12.29 16:49:20 | 000,689,222 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.29 16:49:20 | 000,645,608 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.29 16:49:20 | 000,150,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.29 16:49:20 | 000,122,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.29 16:45:08 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2010.12.29 16:32:16 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.29 16:32:16 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.29 13:56:51 | 000,190,534 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.12.29 13:50:37 | 000,002,754 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\SAS7_000.DAT
[2010.12.29 13:36:09 | 000,012,984 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2010.12.29 13:35:16 | 000,037,146 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2010.12.29 13:33:01 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\SupBackGroundTask.job
[2010.12.29 13:30:52 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2010.12.29 12:29:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.12.22 16:38:54 | 000,019,104 | ---- | M] () -- C:\Users\xxx\Documents\Brief.docx
[2010.12.22 08:49:40 | 000,029,184 | ---- | M] () -- C:\Users\xxx\Documents\101217_Freischreiber_Regionaltreffen.doc
[2010.12.21 19:23:10 | 000,012,814 | ---- | M] () -- C:\Users\xxx\Documents\101217_Freischreiber_Regionaltreffen.docx
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.19 13:13:32 | 000,007,592 | ---- | M] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2010.12.18 21:52:08 | 000,467,956 | ---- | M] () -- C:\Users\xxx\Desktop\FLT_OGF4GQ6276_0.pdf
[2010.12.15 21:49:30 | 001,739,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.15 15:57:02 | 000,010,803 | ---- | M] () -- C:\Users\xxx\Desktop\suchbegriffe.docx
[2010.12.13 18:44:20 | 000,216,916 | ---- | M] () -- C:\Windows\hpwins22.dat
[2010.12.13 18:38:33 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.12.10 22:42:37 | 000,000,557 | ---- | M] () -- C:\Windows\wiso.ini
[2010.12.09 16:29:02 | 000,023,420 | ---- | M] () -- C:\Users\xxx\Desktop\GIH Bundesverband.htm
[2010.12.08 19:13:04 | 000,029,994 | ---- | M] () -- C:\Users\xxx\Desktop\_en20101018121841_Bearbeitung_wohnwirtschaftlicher_Foerderprogramme.pdf
[2010.12.08 15:25:33 | 000,114,243 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.12.08 15:25:33 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.22 08:49:36 | 000,029,184 | ---- | C] () -- C:\Users\xxx\Documents\101217_Freischreiber_Regionaltreffen.doc
[2010.12.21 18:14:31 | 000,012,814 | ---- | C] () -- C:\Users\xxx\Documents\101217_Freischreiber_Regionaltreffen.docx
[2010.12.18 21:52:08 | 000,467,956 | ---- | C] () -- C:\Users\xxx\Desktop\FLT_OGF4GQ6276_0.pdf
[2010.12.13 18:38:33 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.12.13 18:04:38 | 000,000,857 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.12.13 18:04:37 | 000,216,916 | ---- | C] () -- C:\Windows\hpwins22.dat
[2010.12.09 16:29:00 | 000,023,420 | ---- | C] () -- C:\Users\xxx\Desktop\GIH Bundesverband.htm
[2010.12.08 19:13:04 | 000,029,994 | ---- | C] () -- C:\Users\xxx\Desktop\_en20101018121841_Bearbeitung_wohnwirtschaftlicher_Foerderprogramme.pdf
[2010.01.23 19:19:56 | 000,002,304 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2010.01.14 16:05:46 | 000,002,754 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\SAS7_000.DAT
[2010.01.12 12:24:58 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.01.01 14:58:40 | 000,037,041 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2009.12.15 18:13:02 | 000,000,092 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini
[2009.10.29 18:32:25 | 000,012,984 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2009.10.29 18:31:37 | 000,037,146 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.10.29 13:30:16 | 000,221,184 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.10.29 13:30:16 | 000,172,032 | ---- | C] () -- C:\Windows\System32\MP2enc.dll
[2009.10.09 14:28:54 | 000,000,557 | ---- | C] () -- C:\Windows\wiso.ini
[2009.09.03 11:16:23 | 000,190,534 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.03 11:14:10 | 000,190,534 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.05.31 21:28:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.01.24 21:48:25 | 000,006,656 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.15 23:28:16 | 000,007,592 | ---- | C] () -- C:\Users\xxx\AppData\Local\d3d9caps.dat
[2008.10.21 11:54:53 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008.10.21 10:55:11 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2008.10.21 10:35:24 | 000,748,160 | ---- | C] () -- C:\Windows\System32\Co2c40en.dll
[2008.10.21 10:35:24 | 000,054,272 | ---- | C] () -- C:\Windows\System32\P2irdao.dll
[2008.10.21 10:35:24 | 000,050,176 | ---- | C] () -- C:\Windows\System32\P2ctdao.dll
[2008.10.15 10:39:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.07.08 15:50:18 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.07.08 15:31:32 | 000,000,135 | ---- | C] () -- C:\Windows\System32\lngEng.ini
[2008.07.08 15:31:32 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.07.08 13:45:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.02.15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006.12.09 03:54:38 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2006.11.29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2001.11.14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2010.05.23 20:34:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Acronis
[2009.10.09 14:20:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Buhl Data Service
[2010.01.12 12:25:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe_Limited
[2010.02.22 10:27:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canon
[2010.07.20 09:09:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Delicious IE Extension
[2010.01.23 19:29:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DisplayTune
[2010.05.14 16:42:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\elsterformular
[2010.04.12 08:13:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gnupg
[2010.09.17 10:13:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gtk-2.0
[2009.09.19 19:50:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mirkes.de
[2010.01.14 15:14:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nuance
[2009.01.31 19:17:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2010.05.27 16:41:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\QuickScan
[2008.10.21 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ScanSoft
[2010.06.03 14:31:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SmartTools
[2010.06.03 15:13:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SuperMailer
[2010.04.22 15:14:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TeamViewer
[2010.06.03 08:52:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Thunderbird
[2010.11.15 12:14:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Western Digital
[2010.03.15 22:21:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Western DigitalTemp
[2009.11.18 16:24:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Windows Live Writer
[2010.12.29 12:29:25 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.29 13:33:01 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\SupBackGroundTask.job
[2010.12.29 17:19:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{45854332-AB94-4EFA-9AE5-7D51D14556BA}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006.09.18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009.04.11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008.02.08 10:31:21 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006.09.18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010.04.27 19:57:16 | 000,000,130 | ---- | M] () -- C:\Descriptors.txt
[2009.08.14 08:02:59 | 000,000,976 | ---- | M] () -- C:\fpRedmon.log
[2008.09.02 05:56:43 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.09.02 05:56:43 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.12.29 12:30:33 | 3529,375,744 | -HS- | M] () -- C:\pagefile.sys
[2010.01.23 19:18:12 | 000,000,173 | ---- | M] () -- C:\pdisdk.log
[2010.01.23 19:20:02 | 000,000,184 | ---- | M] () -- C:\pivot.log
[2008.07.08 15:16:47 | 000,000,366 | ---- | M] () -- C:\RHDSetup.log
[2009.01.15 23:38:22 | 000,000,086 | ---- | M] () -- C:\Setup.log
[1 C:\*.tmp files -> C:\*.tmp -> ]
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006.11.02 13:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006.11.02 13:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006.11.02 13:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.06.01 09:34:37 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006.09.18 22:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006.09.12 19:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPD86.DLL
[2006.09.12 19:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPP86.DLL
[2008.08.12 10:58:10 | 000,314,880 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp082.dll
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006.12.09 03:54:16 | 000,019,456 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\System32\spool\prtprocs\w32x86\sugg1pc.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.scr >
[2009.02.06 18:46:50 | 000,308,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008.01.21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Programme\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2006.11.02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\expsrv.dll
[2010.10.05 20:27:04 | 000,228,024 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\System32\klogon.dll
[1980.01.01 00:00:00 | 001,355,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm50.dll
[2008.01.21 03:24:11 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\user32.dll /md5 >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2006.11.02 10:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: WININIT.EXE >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-29 10:23:30
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:A24211BA
< End of report >
--- --- ---
Und hier Extra.txtOTL Logfile: Code:
OTL Extras logfile created on: 29.12.2010 17:15:25 - Run 1
OTL by OldTimer - Version 3.2.18.1 Folder = C:\Users\xxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,88 Gb Total Space | 61,49 Gb Free Space | 54,96% Space Free | Partition Type: NTFS
Drive D: | 111,00 Gb Total Space | 102,22 Gb Free Space | 92,09% Space Free | Partition Type: NTFS
Drive F: | 614,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1396,61 Gb Total Space | 1267,48 Gb Free Space | 90,75% Space Free | Partition Type: NTFS
Drive H: | 3,73 Gb Total Space | 3,32 Gb Free Space | 89,19% Space Free | Partition Type: FAT32
Drive I: | 504,97 Mb Total Space | 254,88 Mb Free Space | 50,47% Space Free | Partition Type: FAT
Computer Name: HEIM-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D2E04E6-2248-43AC-8BB7-958FD960E5DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{17C9712C-B0FF-4DE2-8825-DACFF07A2A6D}" = lport=445 | protocol=6 | dir=in | app=system |
"{1ACC8B81-4A32-4952-B23E-3B83139AA64F}" = lport=138 | protocol=17 | dir=in | app=system |
"{20000877-69F7-4346-B4CE-B9E1BB47C55E}" = rport=138 | protocol=17 | dir=out | app=system |
"{2677158A-5F0E-4049-969B-0CF2018C79DB}" = rport=445 | protocol=6 | dir=out | app=system |
"{3FD0B431-FA3C-48C4-97FD-5484C4111559}" = rport=137 | protocol=17 | dir=out | app=system |
"{5A5CACB9-A9DC-4CA0-8C73-6ADEB81F3B58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B90197B0-98B8-4132-BB41-BF493DD0CD59}" = lport=139 | protocol=6 | dir=in | app=system |
"{BF999E43-FB30-4999-B0E1-8515F9011802}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C644570E-17B8-4601-A65F-E80EE9425ABE}" = lport=137 | protocol=17 | dir=in | app=system |
"{E912E8C0-725B-4AAE-89C4-D664C62E8944}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F0AAB7EB-929E-423B-8CA9-BBF5C8E7F88F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{F152C3BF-BB2B-40E2-8041-F201CD19AE89}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FC0AEC55-BED7-4381-B956-96A224A80686}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D955D53-7EEC-48CE-8B08-3194E27BE772}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F80A5DC-8A1C-4C09-AAFF-79E0064E982B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{291D306C-48AA-4223-B4A4-5D53D8E45FDD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{35A3779F-1D36-4A27-B8DA-0771AF95C0DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{43F498C0-93F3-4C33-AE5D-2652D1F8B6DB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5DC629FB-F16C-4BAD-A5F3-93F268047E5D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6779FCAE-5815-46CF-89C3-D6A107FAA6AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{67B34E7C-522D-48E9-B9FB-7B4E04972EAC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{6823227A-7AC6-400C-AA3A-41E3F6036454}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{6C708175-E552-40D1-A8A6-13CFD9899760}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{70530B1E-7001-43D2-A42C-B8F57A1804D3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{7B260EC1-57A2-45B1-B646-7FB43C1E48AB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{82355106-2A5D-4E17-A631-5BCC0E80EB20}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{85BAC778-27F5-42A4-BF36-912AC5AEF6AC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{B66156A5-4682-4082-8994-5B04BE1EAFC3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{E48904CC-CABB-4F61-9480-4A4CFE7C9226}" = dir=in | app=e:\setup\hpznui01.exe |
"{E75CBF35-506F-418D-825D-14AC26E40972}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{EBD37532-AE43-49AC-A8C8-7F487542F5FD}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F1584BF2-2797-47B5-8756-9262D8AC6248}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{FFE802C9-B147-4651-9BE1-5B48A6CDC045}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{061498DB-D42C-4642-A3EE-F094FCE0D722}" = BEYERTONE - Call Recorder 4.1.116 (Deutsch)
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22
"{299A33DF-313A-4C38-9610-71FDA80D5E02}" = WISO EÜR & Kasse 2009
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4C556B5C-8EF7-47B4-AE05-FE71EEB2C25B}" = Plus Pack für Acronis True Image Home 2010
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52D4013E-3FEC-4C08-AAA8-CC24985A04E1}" = WISO EÜR & Kasse 2010
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{719D6F39-2419-48D9-8771-F099B7DB631E}" = PL2571 One Button
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{9CA72668-86CC-5447-9278-A0378FE45378}" = Media Add-ons für Acronis True Image Home 2010
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook-Sicherung für Persönliche Ordner
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.15
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FE6E1AF6-6B88-44FE-8101-84AE6A52B393}" = Windows Live Movie Maker-Betaversion
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Delicious Add-on for Internet Explorer" = Delicious Add-on for Internet Explorer
"Doc Scrubber_is1" = Doc Scrubber v1.1
"DPP" = Canon Utilities Digital Photo Professional 3.1
"ElsterFormular 11.4.1.4323" = ElsterFormular
"EOS Utility" = Canon Utilities EOS Utility
"FreePDF_XP" = FreePDF XP (Remove only)
"FTDICOMM" = FTDI USB Serial Converter Drivers
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"MyCamera" = Canon Utilities MyCamera
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Polipo" = Polipo 1.0.4.1
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"QNewsletter_is1" = QNewsletter Version 2.8.0
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"SmartTools Outlook Add-Ins" = SmartTools Publishing · Deinstallation Outlook Add-Ins
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tor" = Tor 0.2.1.25
"Vidalia" = Vidalia 0.2.7
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 29.12.2010 09:15:29 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:29 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:29 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:29 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:29 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:30 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:30 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:30 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:30 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 29.12.2010 09:15:31 | Computer Name = Heim-PC | Source = Windows Search Service | ID = 3013
Description =
[ OSession Events ]
Error - 11.07.2010 06:33:25 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14.07.2010 03:17:02 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 372
seconds with 120 seconds of active time. This session ended with a crash.
Error - 22.07.2010 11:03:18 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22960
seconds with 1260 seconds of active time. This session ended with a crash.
Error - 19.09.2010 16:49:59 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 218
seconds with 0 seconds of active time. This session ended with a crash.
Error - 21.09.2010 14:07:03 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38027
seconds with 780 seconds of active time. This session ended with a crash.
Error - 24.09.2010 08:58:22 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 285
seconds with 0 seconds of active time. This session ended with a crash.
Error - 24.10.2010 09:06:01 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1058
seconds with 180 seconds of active time. This session ended with a crash.
Error - 26.10.2010 12:02:26 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 248
seconds with 0 seconds of active time. This session ended with a crash.
Error - 15.12.2010 05:23:55 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1391
seconds with 120 seconds of active time. This session ended with a crash.
Error - 17.12.2010 04:30:23 | Computer Name = Heim-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 607
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.12.2010 11:05:40 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:05:47 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:05:53 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:00 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:06 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:13 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:20 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:26 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:06:33 | Computer Name = Heim-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 29.12.2010 11:09:49 | Computer Name = Heim-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report >
--- --- --- |
