Alle Dateien und Programme weg, Desktop schwarz

OTL logfile created on: 14.08.2011 21:47:36 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Dokumente und Einstellungen\Sangmeister\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,24% Memory free
3,85 Gb Paging File | 2,93 Gb Available in Paging File | 76,13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,08 Gb Total Space | 167,28 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
 
Computer Name: BERND2 | User Name: Sangmeister | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.07 21:23:29 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe
PRC - [2011.07.30 23:29:49 | 000,140,952 | -H-- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011.07.14 21:30:52 | 000,399,536 | -H-- | M] (Mozilla Messaging) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | -H-- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | -H-- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.28 21:55:02 | 000,428,200 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.06.28 21:55:02 | 000,340,136 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.06.28 21:55:02 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.28 00:09:14 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.04.28 18:46:02 | 000,136,360 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.05 12:59:50 | 000,037,664 | -H-- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.11.03 19:52:38 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.29 15:49:28 | 000,249,064 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.06.09 20:03:50 | 000,076,968 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.12.20 08:50:34 | 002,656,528 | -H-- | M] () -- C:\Programme\Logitech\QuickCam\Quickcam.exe
PRC - [2008.12.20 08:46:58 | 000,558,864 | -H-- | M] () -- C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008.12.16 22:59:50 | 000,150,040 | -H-- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.11.11 22:43:44 | 000,049,152 | -H-- | M] () -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe
PRC - [2008.11.11 22:42:00 | 000,712,704 | -H-- | M] () -- C:\Programme\ShrewSoft\VPN Client\iked.exe
PRC - [2008.11.11 22:40:32 | 000,536,576 | -H-- | M] () -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe
PRC - [2008.07.22 22:44:06 | 000,357,376 | -H-- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.14 17:49:10 | 000,061,440 | -H-- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2006.03.03 22:03:10 | 000,069,632 | -H-- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.08.07 21:23:29 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe
MOD - [2010.08.23 18:11:46 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (USBDLM)
SRV - File not found [On_Demand | Stopped] --  -- (NMIndexingService)
SRV - [2011.07.06 19:52:38 | 000,366,640 | -H-- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.28 21:55:02 | 000,428,200 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.28 21:55:02 | 000,340,136 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.06.28 21:55:02 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.28 18:46:02 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.05 12:59:50 | 000,037,664 | -H-- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.12.16 22:59:50 | 000,150,040 | -H-- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.11.11 22:43:44 | 000,049,152 | -H-- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV - [2008.11.11 22:42:00 | 000,712,704 | -H-- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV - [2008.11.11 22:40:32 | 000,536,576 | -H-- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV - [2008.11.04 02:06:28 | 000,441,712 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.12.14 17:49:10 | 000,061,440 | -H-- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.10.26 14:03:08 | 000,145,184 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.03.03 22:03:10 | 000,069,632 | -H-- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005.11.17 16:18:52 | 001,527,900 | -H-- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.06 19:52:42 | 000,041,272 | -H-- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.07.06 19:52:42 | 000,022,712 | -H-- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.28 21:55:03 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 21:55:03 | 000,066,616 | -H-- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.06 12:49:56 | 000,570,168 | -H-- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009.10.06 12:49:56 | 000,527,800 | -H-- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009.08.04 21:01:24 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.04 21:00:54 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.07.14 22:17:07 | 000,229,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2009.02.16 11:50:00 | 000,116,736 | -H-- | M] (BridgeCo AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ffSaffire_1394.sys -- (ffSaffire_1394)
DRV - [2009.02.16 11:50:00 | 000,044,544 | -H-- | M] (BridgeCo AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ffSaffire_avs.sys -- (ffSaffire_avs)
DRV - [2008.12.17 08:02:06 | 000,023,832 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008.12.17 08:01:42 | 006,364,440 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Deluxe(UVC)
DRV - [2008.12.17 08:01:20 | 000,041,752 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.12.17 08:00:12 | 000,768,024 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.12.17 07:58:30 | 000,114,712 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2008.12.17 07:54:30 | 000,495,640 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2008.12.16 22:58:54 | 000,025,624 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.11.11 22:47:14 | 000,040,576 | -H-- | M] (Shrew Soft Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vfilter.sys -- (pflt)
DRV - [2008.11.11 22:47:06 | 000,006,912 | -H-- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\virtualnet.sys -- (vnet)
DRV - [2008.04.17 16:33:26 | 004,707,328 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.13 20:46:22 | 000,015,232 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.02.05 01:50:44 | 000,059,960 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008.01.03 23:10:16 | 000,105,856 | -H-- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2002.11.25 05:46:16 | 000,016,896 | -H-- | M] (Syncrosoft GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2002.06.13 16:08:46 | 000,014,604 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.12.06 18:57:28 | 000,019,076 | -H-- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EMGICUSB.sys -- (EmgicUsb)
DRV - [2001.12.06 18:54:28 | 000,012,564 | -H-- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EMGM4U2K.sys -- (EMGM4U2K)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.106
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: yslow@yahoo-inc.com:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={CAB22DD1-8C29-FECF-FADD-859B3DA1B16B}&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.06.28 00:09:15 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.03.27 14:18:33 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.07.14 21:30:57 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2010.07.22 21:53:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Extensions
[2010.07.22 21:53:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.08.14 19:07:40 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions
[2011.07.10 17:52:55 | 000,000,000 | -H-D | M] (Delicious Bookmarks) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011.06.04 22:12:37 | 000,000,000 | -H-D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.01.08 22:26:15 | 000,000,000 | -H-D | M] (Web Developer) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009.08.08 23:41:48 | 000,004,153 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\searchplugins\youtube.xml
[2011.03.27 14:18:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.06.08 18:50:07 | 000,000,000 | -H-D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.21 15:41:06 | 000,000,000 | -H-D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.17 21:39:05 | 000,000,000 | -H-D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.21 20:15:18 | 000,000,000 | -H-D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.06.09 20:35:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
File not found (No name found) -- 
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI
[2008.11.24 23:46:47 | 000,000,000 | -H-D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.09.02 08:50:09 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.28 00:09:14 | 000,142,296 | -H-- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2007.12.19 14:57:38 | 000,310,272 | -H-- | M] () -- C:\Programme\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2008.12.31 13:45:40 | 000,279,888 | -H-- | M] (Musicnotes, Inc.) -- C:\Programme\mozilla firefox\plugins\npmusicn.dll
[2010.01.01 10:00:00 | 000,001,392 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2009.08.26 21:28:44 | 000,003,700 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\fast.png
[2009.08.26 21:28:44 | 000,001,963 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\fast.xml
[2010.01.01 10:00:00 | 000,006,805 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007.10.29 14:00:00 | 000,000,820 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Programme\jZip\WebmailPlugin.dll (Discordia Limited)
O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\CinergyDigital3\THCDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QTLite\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_15_Plus\Trayserver.exe (MAGIX AG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]  File not found
O4 - HKCU..\Run: [MsgCenterExe]  File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Sangmeister\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} hxxp://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://uk.dbrasweb.db.com/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.26 15:57:32 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{30c1df18-f79c-11df-9b68-001d7d4be4ba}\Shell\AutoRun\command - "" = E:\Menu.exe
O33 - MountPoints2\{ea0ae1f0-7eac-11de-9a22-001d7d4be4ba}\Shell\AutoRun\command - "" = F:\WebarooPortable\WebarooPortable.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.14 21:50:11 | 003,447,576 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\ccsetup309.exe
[2011.08.07 21:23:33 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe
[2011.08.07 00:24:43 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Recent
[2011.08.07 00:18:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Malwarebytes
[2011.08.07 00:18:10 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.08.07 00:18:09 | 000,041,272 | -H-- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.07 00:18:07 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.08.07 00:18:04 | 000,022,712 | -H-- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.07 00:18:04 | 000,000,000 | -H-D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.08.07 00:17:10 | 009,466,208 | -H-- | C] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbam-setup-1.51.1.1800.exe
[2011.08.06 18:09:11 | 000,020,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011.08.06 18:09:11 | 000,020,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011.07.24 19:42:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Startmenü\Programme\Verwaltung
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.14 21:50:20 | 003,447,576 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\ccsetup309.exe
[2011.08.14 21:49:00 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B29ED1EA-B1DD-47BE-AC63-3988E113932F}.job
[2011.08.14 21:34:00 | 000,001,234 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005UA.job
[2011.08.14 21:30:00 | 000,001,100 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.14 18:40:28 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.08.14 18:40:08 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.14 18:40:07 | 000,001,096 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.14 18:39:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.13 23:34:00 | 000,001,182 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005Core.job
[2011.08.07 21:23:29 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe
[2011.08.07 00:17:24 | 009,466,208 | -H-- | M] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbam-setup-1.51.1.1800.exe
[2011.08.06 18:09:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.08.06 18:09:07 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011.08.06 17:36:13 | 007,056,054 | -H-- | M] () -- C:\WINDOWS\BGInfo.bmp
[2011.07.19 20:38:20 | 000,419,040 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.06 18:09:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.08.06 18:09:07 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010.12.18 19:49:56 | 000,134,874 | -H-- | C] () -- C:\WINDOWS\HPHins12.dat
[2010.12.18 19:49:56 | 000,014,916 | -H-- | C] () -- C:\WINDOWS\hphmdl12.dat
[2009.12.20 23:57:53 | 000,088,896 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.12.12 21:51:52 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.06.13 08:35:22 | 000,116,224 | -H-- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2009.06.13 08:35:22 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2009.06.13 08:35:11 | 000,000,043 | -H-- | C] () -- C:\WINDOWS\gswin32.ini
[2009.03.09 23:56:14 | 000,520,267 | -H-- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2009.01.05 23:32:14 | 000,001,476 | -H-- | C] () -- C:\WINDOWS\tefview.ini
[2008.12.16 22:58:54 | 000,025,624 | -H-- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008.12.16 22:50:56 | 000,013,584 | -H-- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008.12.04 22:26:30 | 000,120,200 | -H-- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008.12.04 22:25:24 | 000,007,119 | -H-- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.11.25 23:26:11 | 000,502,784 | -H-- | C] () -- C:\WINDOWS\x2.64.exe
[2008.11.25 23:26:11 | 000,240,128 | -H-- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.11.25 23:26:11 | 000,217,073 | -H-- | C] () -- C:\WINDOWS\meta4.exe
[2008.11.25 23:26:11 | 000,066,560 | -H-- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.11.25 23:26:11 | 000,027,648 | -H-- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.11.20 23:50:39 | 000,120,195 | -H-- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2008.11.20 23:50:39 | 000,006,947 | -H-- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2008.09.03 22:26:29 | 000,000,600 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\winscp.rnd
[2008.06.22 09:46:06 | 000,021,317 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.06.15 23:03:45 | 000,081,110 | -H-- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008.06.11 21:22:12 | 000,000,069 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.06.11 21:22:11 | 000,080,896 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.11 09:58:28 | 000,000,032 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2008.06.10 21:36:48 | 000,363,520 | -H-- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008.06.10 18:52:54 | 000,077,824 | RH-- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008.06.10 18:52:40 | 000,000,166 | -H-- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008.06.10 18:52:11 | 000,000,734 | -H-- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008.06.10 18:50:07 | 000,109,411 | -H-- | C] () -- C:\WINDOWS\hpoins11.dat
[2008.06.10 18:49:35 | 000,006,947 | -H-- | C] () -- C:\WINDOWS\hpomdl11.dat
[2008.05.29 15:09:33 | 000,001,826 | -H-- | C] () -- C:\WINDOWS\mozver.dat
[2008.05.29 14:56:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2008.05.29 12:31:25 | 000,000,146 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.05.27 15:01:04 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2008.05.26 16:52:40 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.05.26 16:52:08 | 000,419,040 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.05.26 16:47:28 | 000,002,480 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.05.26 16:47:20 | 000,461,250 | -H-- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.05.26 16:47:20 | 000,269,480 | -H-- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.05.26 16:47:20 | 000,085,662 | -H-- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.05.26 16:47:20 | 000,034,478 | -H-- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.05.26 16:47:10 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.05.26 16:47:09 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.05.26 16:47:09 | 000,442,356 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.05.26 16:47:09 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.05.26 16:47:09 | 000,072,292 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.05.26 16:47:09 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.05.26 16:47:09 | 000,004,518 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.05.26 16:47:08 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2008.05.26 16:47:07 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.05.26 16:47:07 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.05.26 16:47:03 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.05.26 16:47:02 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008.05.26 16:40:09 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.05.26 16:03:51 | 000,000,849 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2008.05.26 15:58:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.05.26 15:55:59 | 000,021,740 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.12.05 01:41:00 | 001,703,936 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.12.05 01:41:00 | 001,626,112 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007.12.05 01:41:00 | 001,474,560 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.12.05 01:41:00 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007.12.05 01:41:00 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.12.05 01:41:00 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.12.05 01:41:00 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007.12.05 01:41:00 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007.12.05 01:41:00 | 000,286,720 | -H-- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001.07.07 04:00:00 | 000,003,399 | -H-- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
 
========== LOP Check ==========
 
[2008.08.03 17:03:37 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2008.05.29 18:14:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2008.12.04 22:29:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2008.12.31 14:23:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Musicnotes
[2009.08.09 00:13:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments
[2009.03.10 00:02:44 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy
[2008.06.09 15:08:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.01.19 18:15:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith
[2010.01.17 01:24:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2008.06.12 20:23:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec
[2008.05.29 15:13:55 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2009.08.09 00:21:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{2E36EF44-3E35-4623-B1DD-517C334DF1C5}
[2010.07.18 20:12:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.08.09 00:15:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{52ED8FE1-21DE-43A8-9F02-2EB85424469C}
[2009.09.20 15:26:05 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.07 12:24:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.03.07 19:04:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{9C36D948-8394-4450-B5B9-025B8EC0198D}
[2009.08.09 00:13:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2008.05.29 13:01:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~0
[2008.11.13 00:13:50 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Anthropics
[2010.02.02 00:41:39 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Blender Foundation
[2011.08.06 17:36:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox
[2011.04.21 22:22:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\gtk-2.0
[2009.01.05 00:20:39 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Inkscape
[2009.08.10 21:28:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Juniper Networks
[2008.09.21 10:41:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Leadertech
[2008.06.12 12:37:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Multimedia Player
[2009.01.13 23:57:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\OpenOffice.org
[2009.07.23 19:36:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Opera
[2009.03.10 00:02:44 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\PACE Anti-Piracy
[2008.06.09 15:08:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\PC Suite
[2009.10.18 17:05:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Revolver Preferences
[2008.08.03 17:03:17 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Samsung
[2009.09.11 00:13:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\SecondLife
[2008.08.20 22:28:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Steinberg
[2010.06.13 00:07:40 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Stellarium
[2008.06.12 20:23:26 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\TerraTec
[2010.07.22 21:53:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Thunderbird
[2009.03.11 22:48:37 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\WholeSecurity
[2011.08.14 21:49:00 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B29ED1EA-B1DD-47BE-AC63-3988E113932F}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >