| |
| |||||||
Log-Analyse und Auswertung: Windows XP will ständig Updates fahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.05.2013, 15:36
| #1 |
| |  Windows XP will ständig Updates fahren Hallo, ich stehe vor folgendem Problem: Seit wenigen Tagen will XP SP3 bei jedem Shutdown Updates installieren. Obwohl ich das einige Male genehmigt habe und teilweise auch Updates mit mehreren Modulen installiert wurden, ändert sich das Verhalten nicht. Außerdem zickt der IE rum. Scheinbar wird aus dem www geladen, aber er wird nicht fertig. Eine Eingabe in der Adreßzeile ist unmöglich. Mit FF gibt´s das Problem nicht. Ein Suchlauf mit MBM ergab verschiedene Treffer, die ich alle gelöscht habe. Dann bin ich auf´s Trojaner-Board gestoßen und habe: Defogger OTL und GMER laufen lassen. GMER lief im Usermode nicht durch. Die anderen schon. Nun steh ich hier ich armer Tor... Defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 16:21 on 20/05/2013 (User) Checking for autostart values... HKCU\~\Run values retrieved. Unable to open HKLM\~\Run key (5) HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 20.05.2013 16:05:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\User\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,47 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 77,28% Memory free 4,31 Gb Paging File | 3,81 Gb Available in Paging File | 88,32% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,09 Gb Total Space | 243,22 Gb Free Space | 81,59% Space Free | Partition Type: NTFS Computer Name: PRIVAT-9E1D933D | User Name: User | NOT logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Seagate\DiscWizard\TimounterMonitor.exe (Acronis) PRC - C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedhlp.exe (Seagate) PRC - C:\Programme\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\hphmon04.exe (Hewlett-Packard) PRC - C:\Programme\Microsoft Office\Office\OSA.EXE () ========== Modules (No Company Name) ========== MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll () MOD - C:\Programme\Seagate\DiscWizard\fox.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\Microsoft Office\Office\MSO97.DLL () MOD - C:\Programme\Microsoft Office\Office\OSA.EXE () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (ICCS) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (WB11WatchDog) -- C:\Programme\Buhl\WISO Börse 2011\bin\watchdog.exe (market maker Software AG) SRV - (AppleChargerSrv) -- C:\WINDOWS\system32\AppleChargerSrv.exe () SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe (SiSoftware) SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten) SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe () SRV - (SgtSch2Svc) -- C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedul2.exe (Seagate) SRV - (WmiApRpl) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll (Microsoft Corporation) SRV - (CPUCooLServer) -- C:\Programme\CPUCooL\CooLSRV.exe () SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (Pml Driver HPH11) -- C:\WINDOWS\system32\hphipm11.exe (HP) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (rtl8139) -- system32\DRIVERS\RTL8139.SYS File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (Cardex) -- C:\WINDOWS\system32\drivers\TBPANEL.SYS File not found DRV - (GVTDrv) -- C:\WINDOWS\system32\drivers\GVTDrv.sys () DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (IntcDAud) -- C:\WINDOWS\system32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (MEI) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation) DRV - (AppleCharger) -- C:\WINDOWS\system32\drivers\AppleCharger.sys () DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\sandra.sys (SiSoftware) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys () DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (timounter) -- C:\WINDOWS\system32\drivers\timntr.sys (Acronis) DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis) DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis) DRV - (tdrpman) -- C:\WINDOWS\system32\drivers\tdrpman.sys (Acronis) DRV - (WmiApRpl) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (ntiopnp) -- C:\WINDOWS\System32\drivers\ntiopnp.sys () DRV - (ntiomin) -- C:\WINDOWS\System32\drivers\ntiomin.sys () DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (NtApm) -- C:\WINDOWS\system32\drivers\ntapm.sys (Microsoft Corporation) DRV - (Dot4 HPH11) -- C:\WINDOWS\system32\drivers\hphid411.sys (HP) DRV - (Dot4Storage HPH11) -- C:\WINDOWS\system32\drivers\hphs2k11.sys (Hewlett-Packard) DRV - (Dot4Usb HPH11) -- C:\WINDOWS\system32\drivers\hphius11.sys (HP) DRV - (Dot4Print HPH11) -- C:\WINDOWS\system32\drivers\hphipr11.sys (HP) DRV - (QV2KUX) -- C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation) DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Avance Logic, Inc.) DRV - (VIAPFD) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS (VIA Technologies. Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank IE - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} IE - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=FC006881-B86D-4CE0-879F-3EA04F2FB0F3&apn_sauid=C83E0748-0D79-4584-878F-A1E31721300B IE - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.startup.homepage: "hxxp://de.mg41.mail.yahoo.com/neo/launch?ncrumb=5On3ydxWCbW&clmigstart=20110908&.rand=819018813&nmig=yes|https://kunde.onvista-bank.de/login.html|hxxp://www.boerse-online.de/maerkte/chartanalyse/506003.html|hxxp://www.feingold-research.com/" FF - prefs.js..extensions.enabledAddons: %7B1acd747e-8470-11db-96a9-00e08161165f%7D:6.3.7.117 FF - prefs.js..extensions.enabledAddons: %7Be968fc70-8f95-4ab9-9e79-304de2a71ee1%7D:0.7.3 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0031-ABCDEFFEDCBA%7D:6.0.31 FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.13 15:59:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.19 20:53:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.13 15:59:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.19 20:53:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.07.07 15:06:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.08.25 01:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions [2010.08.25 01:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.05.19 15:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\q2t1cvfx.default\extensions [2012.04.26 18:33:25 | 000,000,000 | ---D | M] (Tradesignal Online Chart) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\q2t1cvfx.default\extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2011.01.09 16:52:34 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\q2t1cvfx.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2013.05.19 15:10:03 | 000,000,000 | ---D | M] (Ghostery) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\q2t1cvfx.default\extensions\firefox@ghostery.com [2012.02.04 11:43:45 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\q2t1cvfx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012.05.01 15:45:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.05.01 15:45:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2013.04.12 14:10:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions [2013.04.12 14:10:33 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.04.12 14:10:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2013.04.13 15:59:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.06.24 17:00:53 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.01 11:06:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2011.06.24 17:00:53 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.06.24 17:00:53 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.06.24 17:00:53 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.06.24 17:00:53 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\1.8.8.11\bh\Softonic.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.8.8.11\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\loadtbs\toolbar.dll File not found O3 - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Seagate\DiscWizard\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [Arcor Online] File not found O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Programme\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP) O4 - HKLM..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe (Hewlett-Packard) O4 - HKLM..\Run: [HPHUPD04] "C:\Programme\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" File not found O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [MAAgent] C:\Programme\MarkAny\ContentSafer\MaAgent.exe ((주)마크애니) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedhlp.exe (Seagate) O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-1085031214-813497703-1060284298-1004..\Run: [Vidalia] "C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe" File not found O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Programme\GIGABYTE\ET6\ETcall.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Photo Loader resident.lnk = C:\Programme\CASIO\Photo Loader\Plauto.exe (CASIO COMPUTER CO.,LTD.) O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\CPUCooL.lnk = C:\Programme\CPUCooL\CPUCooL.exe () O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation) O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1085031214-813497703-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programme\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.) O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.11.19 20:18:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008.11.19 18:15:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.VIA -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 360 Days ========== [2013.05.20 15:49:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe [2013.04.16 01:21:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Softonic [2013.02.11 03:32:26 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013.02.05 21:11:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\.pdfsam [2013.02.05 20:38:35 | 000,000,000 | ---D | C] -- C:\Programme\Softonic [2013.02.05 20:38:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PDF Split And Merge [2013.02.05 20:38:15 | 000,000,000 | ---D | C] -- C:\Programme\pdfsam [2013.02.04 15:56:21 | 000,379,088 | ---- | C] (Softonic) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\SoftonicDownloader_fuer_pdf-split-and-merge.exe [2013.01.17 21:41:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2013.01.17 20:12:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2013.01.06 12:31:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Sun [2013.01.06 12:19:30 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2013.01.06 12:19:10 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013.01.06 12:19:10 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013.01.06 12:18:58 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013.01.06 12:18:58 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013.01.06 12:18:58 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.12.19 20:48:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\onvista-depot [2012.12.10 12:32:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\C-evo [2012.12.10 12:32:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\C-evo [2012.12.10 12:31:59 | 000,000,000 | ---D | C] -- C:\Programme\C-evo [2012.12.10 11:25:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ReactGames [2012.12.10 11:23:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ReactGames [2012.12.10 11:22:00 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2012.12.10 11:22:00 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2012.12.10 11:22:00 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL [2012.11.30 11:15:10 | 001,664,928 | ---- | C] (Netviewer GmbH) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\nvt_sinr466541721_sipw_sitn_kagu1vQdPIzHSmBZ4inRP0vn8d.exe [2012.07.09 16:03:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\eFusion [2012.07.09 14:35:54 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe [2012.07.09 14:35:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE [2012.07.09 14:34:07 | 000,000,000 | ---D | C] -- C:\Programme\SSI [2012.07.09 14:34:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Fighting Steel [2012.07.07 19:24:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Radwandern [2012.06.07 10:53:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Essential Data Tools [2012.06.07 10:53:51 | 000,000,000 | ---D | C] -- C:\Programme\Essential Data Tools [2012.06.02 13:55:00 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 6.0 [2012.06.02 12:46:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance [2012.06.02 12:45:30 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Windows 7 Upgrade Advisor [2012.06.02 10:41:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2012.06.01 22:51:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Depotauzüge Ines [2012.06.01 15:04:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\dvdcss [2012.06.01 15:03:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\vlc [2012.06.01 14:07:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN [2012.06.01 14:07:08 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN [2012.06.01 12:58:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang [2012.06.01 12:56:35 | 000,017,488 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys [2012.06.01 12:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2012.06.01 12:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\GIGABYTE [2012.06.01 12:11:34 | 000,000,000 | ---D | C] -- C:\Programme\AMD [2012.06.01 12:10:35 | 000,000,000 | ---D | C] -- C:\Programme\GIGABYTE [2012.06.01 12:10:21 | 000,075,504 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1c51x86.sys [2012.06.01 12:10:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e [2012.06.01 12:09:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM [2012.06.01 12:09:39 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2012.06.01 12:09:36 | 007,081,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [2012.06.01 12:09:36 | 001,493,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2012.06.01 12:09:36 | 000,064,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstIIXP.dll [2012.06.01 12:09:36 | 000,011,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoLDRXP.dll [2012.06.01 12:09:35 | 000,891,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL [2012.06.01 12:09:35 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2012.06.01 12:09:34 | 009,721,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE [2012.06.01 12:09:20 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys [2012.06.01 12:09:19 | 002,180,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe [2012.06.01 12:09:13 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2012.06.01 12:09:13 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE [2012.06.01 12:09:09 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2012.06.01 12:09:08 | 000,285,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL [2012.06.01 12:09:07 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2012.06.01 12:08:58 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2012.06.01 12:08:35 | 000,270,080 | R--- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [2012.06.01 12:08:20 | 014,134,272 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4icd32.dll [2012.06.01 12:08:20 | 000,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5398.dll [2012.06.01 12:08:20 | 000,024,576 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll [2012.06.01 12:08:19 | 009,023,488 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll [2012.06.01 12:08:19 | 005,873,432 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\GfxUI.exe [2012.06.01 12:08:19 | 000,438,272 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc [2012.06.01 12:08:19 | 000,437,760 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc [2012.06.01 12:08:19 | 000,437,760 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresn.lrc [2012.06.01 12:08:19 | 000,437,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc [2012.06.01 12:08:19 | 000,437,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrom.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhrv.lrc [2012.06.01 12:08:19 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc [2012.06.01 12:08:19 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsky.lrc [2012.06.01 12:08:19 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc [2012.06.01 12:08:19 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc [2012.06.01 12:08:19 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc [2012.06.01 12:08:19 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc [2012.06.01 12:08:19 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc [2012.06.01 12:08:19 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrslv.lrc [2012.06.01 12:08:19 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc [2012.06.01 12:08:19 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc [2012.06.01 12:08:19 | 000,435,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc [2012.06.01 12:08:19 | 000,435,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc [2012.06.01 12:08:19 | 000,433,664 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc [2012.06.01 12:08:19 | 000,433,664 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc [2012.06.01 12:08:19 | 000,430,080 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc [2012.06.01 12:08:19 | 000,428,544 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc [2012.06.01 12:08:19 | 000,427,008 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc [2012.06.01 12:08:19 | 000,426,496 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc [2012.06.01 12:08:19 | 000,284,160 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc [2012.06.01 12:08:19 | 000,173,056 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\gfxSrvc.dll [2012.06.01 12:08:18 | 004,739,072 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll [2012.06.01 12:08:18 | 003,840,864 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll [2012.06.01 12:08:18 | 000,313,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll [2012.06.01 12:08:18 | 000,208,384 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll [2012.06.01 12:08:18 | 000,130,048 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll [2012.06.01 12:08:18 | 000,120,320 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl [2012.06.01 12:08:18 | 000,096,256 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll [2012.06.01 12:08:18 | 000,059,392 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll [2012.06.01 12:08:18 | 000,058,880 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll [2012.06.01 12:06:33 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll [2012.06.01 12:06:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files [2012.06.01 12:06:09 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll [2012.06.01 12:06:09 | 000,046,080 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\HECI.sys [2012.06.01 12:06:07 | 000,000,000 | ---D | C] -- C:\Intel [2012.06.01 12:05:58 | 000,000,000 | ---D | C] -- C:\Programme\Intel [2012.06.01 10:50:14 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2012.06.01 10:50:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ] ========== Files - Modified Within 360 Days ========== [2013.05.20 16:06:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2013.05.20 15:49:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe [2013.05.20 15:32:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.20 15:20:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.20 15:20:30 | 2650,873,856 | -HS- | M] () -- C:\hiberfil.sys [2013.05.20 14:23:35 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys [2013.05.20 14:23:35 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\GVTunner.ref [2013.05.20 14:23:25 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys [2013.05.20 14:23:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.05.18 20:19:08 | 010,800,902 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-23-13.pdf [2013.05.18 20:18:55 | 010,800,902 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-22-13.pdf [2013.05.17 18:35:47 | 000,196,591 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1300345.pdf [2013.05.17 01:41:05 | 005,879,246 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Yamana fact sheet-04-04-13-high res.pdf [2013.05.16 08:59:32 | 000,117,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.05.15 19:50:36 | 000,575,286 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.05.15 19:50:36 | 000,494,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.05.15 19:50:36 | 000,118,982 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.05.15 19:50:36 | 000,084,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.05.15 19:45:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.05.15 18:32:33 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.05.15 18:32:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.05.15 18:32:31 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013.05.15 15:49:55 | 000,000,558 | ---- | M] () -- C:\hpfr5550.xml [2013.05.14 21:06:41 | 000,048,463 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\vorlage-reinigungskosten-berufsbekleidung.pdf [2013.05.12 14:50:42 | 018,489,819 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-21-13.pdf [2013.05.08 19:35:54 | 014,109,905 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bauplan Bollerwagen.pdf [2013.05.05 14:23:26 | 010,689,183 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-20-13.pdf [2013.05.05 13:48:22 | 000,851,968 | ---- | M] () -- C:\WINDOWS\outlook.pst [2013.04.27 13:42:22 | 013,058,473 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-19-03.pdf [2013.04.20 08:49:00 | 013,985,251 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe18-13.pdf [2013.04.16 23:18:20 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2013.04.16 23:18:20 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2013.04.16 23:18:20 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2013.04.16 23:18:20 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2013.04.16 23:17:27 | 000,371,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2013.04.13 03:01:10 | 012,168,381 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe17-13.pdf [2013.04.12 16:00:54 | 001,876,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2013.03.30 10:34:01 | 011,374,159 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe15-13.pdf [2013.03.19 22:37:17 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013.03.18 23:42:59 | 000,374,698 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\solo651-ersatzteile.pdf [2013.03.13 17:54:03 | 000,007,780 | ---- | M] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel [2013.03.13 17:43:29 | 000,000,695 | ---- | M] () -- C:\Dokumente und Einstellungen\User\.ufrawrc [2013.03.08 10:36:10 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll [2013.03.07 17:56:50 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe [2013.03.07 17:56:49 | 002,152,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2013.02.17 15:32:15 | 000,205,157 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\rohstoffrevolutionfracking500prozentaktiefuer033euro.pdf [2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys [2013.02.08 21:17:47 | 000,474,423 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\104_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:17:45 | 001,046,136 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\36_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:17:44 | 001,036,842 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:13:52 | 006,829,391 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.05 20:59:39 | 003,107,126 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\5_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:39 | 001,904,124 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\11_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:38 | 002,997,173 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:38 | 002,231,104 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\3_bo-grundlagenbo-grundlagen.pdf [2013.02.04 15:56:21 | 000,379,088 | ---- | M] (Softonic) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\SoftonicDownloader_fuer_pdf-split-and-merge.exe [2013.02.04 13:23:09 | 007,522,285 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\bo-grundlagen.pdf [2013.02.03 19:21:34 | 017,365,682 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe.pdf [2013.01.17 21:42:04 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2013.01.17 20:06:56 | 000,000,031 | ---- | M] () -- C:\WINDOWS\iltwain.ini [2013.01.11 11:25:41 | 000,222,688 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ScripTCsandCs1.pdf [2013.01.06 12:18:36 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013.01.06 12:18:30 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013.01.06 12:18:30 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013.01.06 12:18:30 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013.01.06 12:18:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013.01.06 12:18:28 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013.01.06 12:18:28 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013.01.02 08:49:00 | 000,148,992 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax [2013.01.01 18:26:50 | 000,916,765 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\schuhgroessen_shoepassion.pdf [2012.12.19 18:38:18 | 002,611,310 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\doc00465520121219141437.pdf [2012.12.18 17:18:38 | 000,095,410 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\document_HL_Annahmeerklaerung.pdf [2012.12.18 17:17:59 | 001,947,614 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\document_HL_fallend_Koehler.pdf [2012.12.16 14:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll [2012.12.10 12:32:01 | 000,000,639 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\C-evo.lnk [2012.12.10 11:23:46 | 000,001,892 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Archon.lnk [2012.12.10 11:23:06 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll [2012.12.10 11:23:06 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll [2012.12.03 23:00:12 | 000,452,302 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\aktien_lernen_komplettkurs.pdf [2012.12.02 19:05:55 | 018,226,213 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe50-12.pdf [2012.11.30 11:15:10 | 001,664,928 | ---- | M] (Netviewer GmbH) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\nvt_sinr466541721_sipw_sitn_kagu1vQdPIzHSmBZ4inRP0vn8d.exe [2012.11.29 23:47:08 | 008,340,811 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\caravan-mieten-treeker-2012.pdf [2012.11.28 17:15:04 | 000,122,312 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bruce.xps [2012.11.02 04:02:36 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll [2012.10.02 20:04:21 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll [2012.08.23 12:51:05 | 000,016,727 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Vertragsdokument-der-SWK.pdf [2012.07.09 16:05:55 | 000,001,541 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NavyFIELD Europe (DE).lnk [2012.07.09 14:35:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe [2012.07.09 14:35:53 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE [2012.07.09 14:35:36 | 000,000,410 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Installation des Szenarioeditors beenden.lnk [2012.07.09 14:35:21 | 000,000,313 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DirectX Media Setup.lnk [2012.07.09 14:35:20 | 000,000,326 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Intel Indeo Setup.lnk [2012.06.16 13:31:38 | 002,052,849 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Marathon-unter-3-30.pdf [2012.06.16 13:31:33 | 002,038,698 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Marathon-unter-4-30.pdf [2012.06.16 13:31:28 | 002,049,543 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Halbmarathon-Einsteiger.pdf [2012.06.02 16:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2012.06.02 16:19:38 | 000,015,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2012.06.02 16:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll [2012.06.02 16:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2012.06.02 16:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2012.06.02 16:19:28 | 000,023,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui [2012.06.02 16:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2012.06.02 12:45:30 | 000,001,834 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Windows 7 Upgrade Advisor.lnk [2012.06.01 14:07:42 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2012.06.01 12:58:41 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav [2012.06.01 12:58:41 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav [2012.06.01 12:50:31 | 000,000,064 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Sandra.ldb [2012.06.01 12:29:48 | 000,008,116 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat [2012.06.01 12:11:41 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ET6.lnk [2012.06.01 12:04:59 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini [2012.06.01 11:47:15 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2012.06.01 11:26:06 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012.06.01 11:18:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012.06.01 11:18:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012.06.01 11:18:42 | 000,004,348 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012.06.01 11:14:05 | 000,022,880 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012.06.01 11:12:00 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2012.05.31 19:26:30 | 000,000,136 | ---- | M] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT [2012.05.31 14:42:23 | 000,041,237 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.18 20:18:55 | 010,800,902 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-22-13.pdf [2013.05.18 20:18:17 | 010,800,902 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-23-13.pdf [2013.05.17 18:35:47 | 000,196,591 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1300345.pdf [2013.05.17 01:41:05 | 005,879,246 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Yamana fact sheet-04-04-13-high res.pdf [2013.05.14 21:06:41 | 000,048,463 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\vorlage-reinigungskosten-berufsbekleidung.pdf [2013.05.12 14:50:42 | 018,489,819 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-21-13.pdf [2013.05.08 19:35:53 | 014,109,905 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bauplan Bollerwagen.pdf [2013.05.05 14:23:26 | 010,689,183 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-20-13.pdf [2013.04.27 13:42:22 | 013,058,473 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe-19-03.pdf [2013.04.20 08:48:59 | 013,985,251 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe18-13.pdf [2013.04.13 03:01:10 | 012,168,381 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe17-13.pdf [2013.03.30 10:34:01 | 011,374,159 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe15-13.pdf [2013.03.18 23:42:59 | 000,374,698 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\solo651-ersatzteile.pdf [2013.03.13 17:54:03 | 000,007,780 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel [2013.02.17 15:32:15 | 000,205,157 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\rohstoffrevolutionfracking500prozentaktiefuer033euro.pdf [2013.02.08 21:17:46 | 000,474,423 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\104_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:17:45 | 001,046,136 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\36_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:15:12 | 001,036,842 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1_pdfsam_GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.08 21:13:52 | 006,829,391 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\GT-I8160_UM_Open_Gingerbread_Ger_Rev.1.0_121002_Screen.pdf [2013.02.05 20:59:39 | 001,904,124 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\11_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:38 | 003,107,126 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\5_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:38 | 002,997,173 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\1_bo-grundlagenbo-grundlagen.pdf [2013.02.05 20:59:38 | 002,231,104 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\3_bo-grundlagenbo-grundlagen.pdf [2013.02.04 13:23:09 | 007,522,285 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\bo-grundlagen.pdf [2013.02.03 19:21:34 | 017,365,682 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe.pdf [2013.01.11 11:25:41 | 000,222,688 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ScripTCsandCs1.pdf [2013.01.01 18:26:50 | 000,916,765 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\schuhgroessen_shoepassion.pdf [2012.12.19 18:38:17 | 002,611,310 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\doc00465520121219141437.pdf [2012.12.18 17:18:38 | 000,095,410 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\document_HL_Annahmeerklaerung.pdf [2012.12.18 17:17:59 | 001,947,614 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\document_HL_fallend_Koehler.pdf [2012.12.10 12:32:01 | 000,000,639 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\C-evo.lnk [2012.12.10 11:23:46 | 000,001,892 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Archon.lnk [2012.12.03 23:00:12 | 000,452,302 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\aktien_lernen_komplettkurs.pdf [2012.12.02 19:05:55 | 018,226,213 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\da_ausgabe50-12.pdf [2012.11.29 23:47:08 | 008,340,811 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\caravan-mieten-treeker-2012.pdf [2012.11.28 17:15:02 | 000,122,312 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bruce.xps [2012.08.23 12:51:05 | 000,016,727 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Vertragsdokument-der-SWK.pdf [2012.07.09 16:05:55 | 000,001,541 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NavyFIELD Europe (DE).lnk [2012.07.09 15:01:51 | 2650,873,856 | -HS- | C] () -- C:\hiberfil.sys [2012.07.09 14:35:36 | 000,000,410 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Installation des Szenarioeditors beenden.lnk [2012.07.09 14:35:21 | 000,000,313 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DirectX Media Setup.lnk [2012.07.09 14:35:20 | 000,000,326 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Intel Indeo Setup.lnk [2012.06.16 13:31:38 | 002,052,849 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Marathon-unter-3-30.pdf [2012.06.16 13:31:33 | 002,038,698 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Marathon-unter-4-30.pdf [2012.06.16 13:31:28 | 002,049,543 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Halbmarathon-Einsteiger.pdf [2012.06.02 12:45:30 | 000,001,840 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows 7 Upgrade Advisor.lnk [2012.06.02 12:45:30 | 000,001,834 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Windows 7 Upgrade Advisor.lnk [2012.06.01 14:07:42 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2012.06.01 12:58:41 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav [2012.06.01 12:58:40 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav [2012.06.01 12:58:26 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys [2012.06.01 12:58:26 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\GVTunner.ref [2012.06.01 12:49:26 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Sandra.ldb [2012.06.01 12:35:47 | 2145,386,496 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2012.06.01 12:29:48 | 000,008,116 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat [2012.06.01 12:11:41 | 000,001,709 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ET6.lnk [2012.06.01 12:10:35 | 000,031,272 | ---- | C] () -- C:\WINDOWS\System32\AppleChargerSrv.exe [2012.06.01 12:10:35 | 000,019,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\AppleCharger.sys [2012.06.01 12:09:22 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012.06.01 12:08:20 | 000,219,089 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.th-TH.resources [2012.06.01 12:08:20 | 000,206,074 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.el-GR.resources [2012.06.01 12:08:20 | 000,190,306 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ru-RU.resources [2012.06.01 12:08:20 | 000,160,273 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ja-JP.resources [2012.06.01 12:08:20 | 000,156,020 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.he-IL.resources [2012.06.01 12:08:20 | 000,146,945 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.it-IT.resources [2012.06.01 12:08:20 | 000,145,559 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ko-KR.resources [2012.06.01 12:08:20 | 000,144,621 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.es-ES.resources [2012.06.01 12:08:20 | 000,143,191 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ro-RO.resources [2012.06.01 12:08:20 | 000,142,754 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.fr-FR.resources [2012.06.01 12:08:20 | 000,142,035 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.tr-TR.resources [2012.06.01 12:08:20 | 000,141,601 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pt-BR.resources [2012.06.01 12:08:20 | 000,141,258 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.nl-NL.resources [2012.06.01 12:08:20 | 000,141,134 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.hu-HU.resources [2012.06.01 12:08:20 | 000,140,501 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pt-PT.resources [2012.06.01 12:08:20 | 000,140,404 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sv-SE.resources [2012.06.01 12:08:20 | 000,139,864 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pl-PL.resources [2012.06.01 12:08:20 | 000,139,623 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.fi-FI.resources [2012.06.01 12:08:20 | 000,139,095 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sk-SK.resources [2012.06.01 12:08:20 | 000,138,414 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.hr-HR.resources [2012.06.01 12:08:20 | 000,135,443 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sl-SI.resources [2012.06.01 12:08:20 | 000,135,396 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.nb-NO.resources [2012.06.01 12:08:20 | 000,130,387 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.en-US.resources [2012.06.01 12:08:20 | 000,124,032 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.zh-TW.resources [2012.06.01 12:08:20 | 000,122,610 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.zh-CN.resources [2012.06.01 12:08:19 | 000,163,151 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ar-SA.resources [2012.06.01 12:08:19 | 000,144,501 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.de-DE.resources [2012.06.01 12:08:19 | 000,139,839 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.cs-CZ.resources [2012.06.01 12:08:19 | 000,134,952 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.da-DK.resources [2012.06.01 12:08:19 | 000,009,216 | R--- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll [2012.06.01 12:08:19 | 000,000,264 | R--- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config [2012.06.01 12:08:18 | 001,674,683 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa [2012.06.01 12:08:18 | 000,732,392 | R--- | C] () -- C:\WINDOWS\System32\igkrng700.bin [2012.06.01 12:08:18 | 000,557,080 | R--- | C] () -- C:\WINDOWS\System32\igfcg700m.bin [2012.06.01 12:08:18 | 000,058,558 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp [2012.06.01 12:08:18 | 000,042,616 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp [2012.06.01 12:08:18 | 000,001,023 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp [2012.06.01 12:04:59 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe [2012.06.01 12:04:59 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini [2012.05.31 22:46:38 | 000,006,936 | ---- | C] () -- C:\Dokumente und Einstellungen\User\MergeIDE.reg [2012.05.31 22:46:38 | 000,001,436 | ---- | C] () -- C:\Dokumente und Einstellungen\User\MergeIDE.bat [2012.05.31 22:44:05 | 000,006,936 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\MergeIDE.reg [2012.05.31 22:44:05 | 000,001,436 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\MergeIDE.bat [2012.05.20 20:03:56 | 011,563,008 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Sandra.mdb [2012.01.01 18:50:22 | 000,010,599 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Thorsten_elster_2048.pfx [2011.08.07 16:08:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\4088052.exe [2011.08.07 16:08:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\1745964.exe [2011.04.25 15:52:11 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\$_hpcst$.hpc [2010.02.10 14:18:24 | 000,000,800 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DriveCalculator Preferences [2009.03.03 23:37:17 | 000,000,695 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.ufrawrc ========== ZeroAccess Check ========== [2008.11.28 20:53:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.16 23:18:20 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:24051EFF @Alternate Data Stream - 127 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E29ACA54 < End of report > undOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.05.2013 16:05:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,47 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 77,28% Memory free
4,31 Gb Paging File | 3,81 Gb Available in Paging File | 88,32% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,09 Gb Total Space | 243,22 Gb Free Space | 81,59% Space Free | Partition Type: NTFS
Computer Name: PRIVAT-9E1D933D | User Name: User | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1085031214-813497703-1060284298-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}}_is1" = Deinstallation der Arcor Online Software
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{29928493-A7A8-4EB4-9421-53C2C20888FC}_is1" = C-evo version 1.1.2
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CA5E31B-3294-4352-A7D7-A156763779E9}" = NavyFIELD Europa
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0210.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5260B91C-28E1-4fe9-B2EE-BE1B6C82621A}_is1" = PhotoRescue Pro
"{544FB392-069D-4BA5-9DC7-FFD47230AEE5}" = Photohands 1.0G
"{554AF605-3BC3-4015-8B80-BA8897D9C139}" = ArchonPC
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}" = Sunny Design
"{70B45586-B51E-4947-A258-A895596C5CED}" = Photo Loader 3.0G
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7FFC1B30-70CE-11D5-A8B2-000374890932}" = aladin
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.1 - Deutsch
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP4
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate*DiscWizard
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE625D68-A233-48B8-9633-2CDDB738E4E3}" = WISO Börse 2011
"{D9314739-32C6-469E-8C3E-92F7DEF22CDD}" = CAP 6.0
"{DC5908FD-CF12-46D2-85CC-15898CF59443}" = RC Data Recorder
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Avance AC'97 Audio
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AktienProfi_is1" = AktienProfi 3.19.1
"Ashampoo Photo Commander 5_is1" = Ashampoo Photo Commander 5.40
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter_is1" = AVS Audio Converter version 7
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Backup4all 3_is1" = Backup4all 3
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CPUCooL" = CPUCooL (remove only)
"CSCLIB" = Canon Camera Support Core Library
"CTSUITE_is1" = ContiTech Suite 3.0
"DPP" = Canon Utilities Digital Photo Professional 3.4
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"Enable S3 for USB Device" = Enable S3 for USB Device
"EOS Utility" = Canon Utilities EOS Utility
"Fighting Steel" = Fighting Steel
"File Recover_is1" = File Recover 7.5
"firecalc_is1" = firecalc 1.0.11
"HD Tune_is1" = HD Tune 2.55
"hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (nur entfernen)
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0210.2
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA-Treiber
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"loadtbs-3.0" = loadtbs-3.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"map&guide 6" = map&guide 6
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MotoCalc 8_is1" = MotoCalc 8.07
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MyCamera" = Canon Utilities MyCamera
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NVIDIA Drivers" = NVIDIA Drivers
"Office8.0" = Microsoft Office 97, Professional Edition
"OpenAL" = OpenAL
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"pdfsam" = pdfsam
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Siedler3Deinstall" = Siedler3
"Softonic" = Softonic toolbar on IE and Chrome
"ST6UNST #1" = Fighting Steel Szenario-Editor
"UFRaw_is1" = UFRaw 0.15
"VLC media player" = VLC media player 2.0.1
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XviD_is1" = XviD MPEG-4 Video Codec
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1085031214-813497703-1060284298-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
|
| Themen zu Windows XP will ständig Updates fahren |
| antivir, askbar, audiograbber, avira, bho, canon, converter, down, entfernen, error, firefox, flash player, format, home, installation, logfile, mmc.exe, object, plug-in, problem, realtek, registry, rundll, scan, security, software, updates, user agent, windows, windows xp, wiso |
Baum-Darstellung