Hallo Arne,
anbei die 1.OTL-Log-Datei.
OTL Logfile: Code:
OTL logfile created on: 27.09.2011 20:49:24 - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Dokumente und Einstellungen\Davide\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,05 Mb Total Physical Memory | 615,20 Mb Available Physical Memory | 60,67% Memory free
2,38 Gb Paging File | 1,89 Gb Available in Paging File | 79,30% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 44,87 Gb Total Space | 3,76 Gb Free Space | 8,38% Space Free | Partition Type: NTFS
Drive D: | 45,34 Gb Total Space | 13,89 Gb Free Space | 30,64% Space Free | Partition Type: FAT32
Computer Name: DAVID | User Name: Davide | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Davide\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Acer\eRecovery\Monitor.exe (acer Inc.)
PRC - C:\Acer\ePM\epm-dm.exe (Acer Inc)
PRC - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
PRC - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Programme\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
PRC - C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\ICQLite\ICQLiteShell.dll ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvcps.dll ()
MOD - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSchedps.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
========== Win32 Services (SafeList) ==========
SRV - (Lavasoft Ad-Aware Service) -- File not found
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
SRV - (CyberLink Media Library Service) -- C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (anbmService) -- C:\Acer\eManager\anbmServ.exe (OSA Technologies Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\WINDOWS\system32\drivers\s116unic.sys (MCCI Corporation)
DRV - (s116obex) -- C:\WINDOWS\system32\drivers\s116obex.sys (MCCI Corporation)
DRV - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\WINDOWS\system32\drivers\s116nd5.sys (MCCI Corporation)
DRV - (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s116mgmt.sys (MCCI Corporation)
DRV - (s116mdm) -- C:\WINDOWS\system32\drivers\s116mdm.sys (MCCI Corporation)
DRV - (s116mdfl) -- C:\WINDOWS\system32\drivers\s116mdfl.sys (MCCI Corporation)
DRV - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\WINDOWS\system32\drivers\s116bus.sys (MCCI Corporation)
DRV - (SLEE_14_DRIVER) -- C:\WINDOWS\system32\drivers\sleen14.sys (Softwareentwicklung Remus - ArchiCrypt )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (EpmShd) -- C:\WINDOWS\system32\drivers\epm-shd.sys (Acer Value Labs, USA)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (osanbm) -- C:\WINDOWS\system32\drivers\osanbm.sys (Windows (R) 2000 DDK provider)
DRV - (int15.sys) -- C:\Programme\Acer\eRecovery\int15.sys ()
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (EpmPsd) -- C:\WINDOWS\system32\drivers\epm-psd.sys (Acer Value Labs, USA)
DRV - (tap0801) -- C:\WINDOWS\system32\drivers\tap0801.sys (The OpenVPN Project)
DRV - (QCDonner) Logitech QuickCam Express(PID_0840) -- C:\WINDOWS\system32\drivers\lvcd.sys (Logitech Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://de.search.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.search.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {4D144BC3-23FB-47de-90C5-63CCB0139CCF}:1.0
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.09.07 18:55:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.06.18 10:14:08 | 000,000,000 | ---D | M]
[2010.12.30 19:52:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Extensions
[2011.09.27 19:37:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions
[2011.01.02 22:24:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.14 21:36:44 | 000,000,000 | ---D | M] (TradeManager-Plugin) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions\{4D144BC3-23FB-47de-90C5-63CCB0139CCF}
[2011.08.27 12:51:15 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.30 16:45:30 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.09.27 19:37:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Mozilla\Firefox\Profiles\34vhjdd8.default\extensions\staged
[2011.08.31 18:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.10.15 21:54:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.08.31 18:15:43 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAMME\GEMEINSAME DATEIEN\SPIGOT\WTXPCOM
[2008.12.13 11:59:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.08.31 18:15:44 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAMME\PDFFORGE TOOLBAR\FF
[2011.09.07 18:55:47 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.09.15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.21 21:35:15 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.21 21:35:15 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.06.21 21:35:15 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.21 21:35:15 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.21 21:35:14 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.06.21 21:35:14 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.12.30 21:33:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\epm-dm.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [eRecoveryService] C:\Programme\Acer\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PCMService] C:\Programme\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210758766421 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B609F86B-10E2-4A5B-942F-9E2400C49712}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.24 07:54:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {98854BA6-325E-4D6C-F7A3-F1CD88C3DB15} - Viewpoint Media Player
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{B21AAF69-92EC-4995-A522-25789E9E66A9} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk - - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpReg: Acrobat Assistant 7.0 - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Programme\TomTom HOME\TomTomHOME.exe (TomTom)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.09.27 19:51:29 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Davide\Desktop\OTL.exe
[2011.09.21 20:40:08 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Davide\Recent
[2011.09.16 18:11:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.09.03 12:17:13 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011.08.31 18:15:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Search Settings
[2011.08.31 18:15:43 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2011.08.31 18:15:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Spigot
[2011.08.31 18:15:42 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar
[50 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.27 20:04:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.09.27 19:51:39 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Davide\Desktop\OTL.exe
[2011.09.27 19:38:22 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Davide\defogger_reenable
[2011.09.27 19:37:29 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Davide\Desktop\Defogger.exe
[2011.09.27 19:16:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2011.09.27 19:12:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.27 19:11:47 | 1063,374,848 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.27 19:06:10 | 000,033,792 | ---- | M] () -- C:\Dokumente und Einstellungen\Davide\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.27 18:47:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.09.27 18:30:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.21 20:36:13 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.09.16 21:27:02 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.16 19:26:35 | 000,437,178 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.09.16 19:26:35 | 000,069,404 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.09.16 19:26:34 | 000,454,224 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.09.16 19:26:34 | 000,082,620 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.09.16 17:34:43 | 000,001,713 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2011.09.09 11:11:59 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[50 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.27 19:38:22 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Davide\defogger_reenable
[2011.09.27 19:37:28 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Davide\Desktop\Defogger.exe
[2011.04.16 00:51:40 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.02.27 23:49:02 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.02.01 12:38:38 | 000,000,620 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2010.12.30 19:13:43 | 000,001,618 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2010.12.30 18:37:59 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.12.30 18:37:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.12.30 18:37:59 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.12.30 18:37:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.12.30 18:37:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.08.17 22:40:10 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010.01.22 20:17:36 | 000,022,075 | ---- | C] () -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2009.11.27 22:39:31 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008.07.29 19:23:02 | 000,000,077 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
[2008.05.23 08:22:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.05.23 08:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.03.28 18:12:11 | 000,404,480 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.03.28 18:12:11 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008.03.28 18:12:11 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008.03.28 18:12:10 | 003,049,984 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.03.12 14:16:37 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2007.10.21 23:46:23 | 000,021,431 | ---- | C] () -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\mdb.bin
[2007.03.01 16:02:01 | 000,092,240 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007.03.01 16:02:01 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007.03.01 16:02:01 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007.03.01 16:02:01 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007.03.01 16:02:01 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007.03.01 16:02:01 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007.03.01 16:02:01 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007.03.01 16:02:01 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2007.03.01 16:02:01 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007.03.01 16:02:01 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007.03.01 16:02:01 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007.03.01 16:02:01 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007.03.01 16:02:01 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007.03.01 16:02:01 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2007.03.01 16:02:01 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2007.03.01 16:02:01 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007.03.01 16:02:01 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007.03.01 15:43:50 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX3800G.ini
[2006.08.30 15:01:19 | 000,008,802 | R--- | C] () -- C:\WINDOWS\AmvTransform.ini
[2006.08.30 15:01:19 | 000,007,763 | R--- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2006.08.30 14:59:01 | 000,005,870 | R--- | C] () -- C:\WINDOWS\GenAmvTool.INI
[2006.08.30 14:59:00 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006.08.30 14:59:00 | 000,006,565 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006.08.30 14:59:00 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2006.07.12 16:07:17 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2006.03.05 18:56:38 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006.03.05 18:56:31 | 000,003,287 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.02.28 11:02:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2006.02.28 11:02:09 | 000,017,867 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Music Converter.dat
[2006.02.25 18:32:37 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006.02.24 11:50:43 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.02.23 03:25:28 | 000,005,993 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006.02.23 03:14:13 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006.02.23 03:11:43 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2006.01.30 06:05:55 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.01.23 23:32:58 | 000,033,792 | ---- | C] () -- C:\Dokumente und Einstellungen\Davide\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.01.22 00:28:24 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.01.21 01:59:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006.01.21 01:57:48 | 000,000,082 | ---- | C] () -- C:\WINDOWS\ALAUNCH.INI
[2006.01.21 01:54:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2005.08.24 12:53:55 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005.08.24 12:33:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.08.24 12:16:44 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.08.24 12:16:43 | 000,000,222 | ---- | C] () -- C:\WINDOWS\FlashSaver.dat
[2005.08.24 07:54:54 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.08.24 07:54:42 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2005.08.24 07:54:00 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.08.24 07:54:00 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.08.24 07:54:00 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.08.24 07:54:00 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.08.24 07:48:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005.08.24 07:42:15 | 000,114,688 | ---- | C] () -- C:\WINDOWS\PowerOption.exe
[2005.08.24 07:42:15 | 000,000,750 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2005.08.24 07:41:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2005.08.24 07:40:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.08.24 07:35:49 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.08.24 07:34:41 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.08.24 07:30:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.08.24 07:29:50 | 000,297,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.08.24 07:24:43 | 000,454,224 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005.08.24 07:24:43 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005.08.24 07:24:43 | 000,082,620 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005.08.24 07:24:43 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005.08.24 07:24:26 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.08.24 07:24:23 | 000,437,178 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.08.24 07:24:23 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005.08.24 07:24:23 | 000,069,404 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.08.24 07:24:23 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005.08.24 07:24:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.08.24 07:24:20 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005.08.24 07:24:17 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.08.24 07:24:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005.08.24 07:24:12 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005.08.24 07:24:04 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005.08.24 07:23:51 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005.08.09 21:34:56 | 000,002,772 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[2004.08.25 21:48:00 | 000,589,824 | ---- | C] () -- C:\WINDOWS\ANTIV.EXE
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.04.01 19:45:50 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
[2001.12.26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001.06.29 03:21:22 | 000,126,976 | ---- | C] () -- C:\WINDOWS\MKICON.EXE
[1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ==========
[2011.08.06 01:14:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\!SASCORE
[2011.02.01 12:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2007.03.03 18:38:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2011.02.02 16:52:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2010.09.29 18:37:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gadu-Gadu 10
[2007.09.23 15:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2009.02.08 21:52:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
[2007.03.01 16:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2010.05.25 01:49:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.09.14 20:08:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.08.08 19:32:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011.02.01 12:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Buhl Data Service
[2008.03.31 18:18:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\cbuenger
[2010.08.17 21:58:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\CheckPoint
[2007.06.01 09:37:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Design Science
[2010.12.30 16:45:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\DVDVideoSoftIEHelpers
[2007.03.06 19:30:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\EPSON
[2010.09.29 18:39:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Gadu-Gadu 10
[2006.02.24 20:23:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\ICQ
[2006.12.06 15:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\ICQ Toolbar
[2006.02.27 17:08:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\ICQLite
[2006.03.14 05:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Leadertech
[2011.04.16 06:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\pdfforge
[2011.08.31 18:15:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\Search Settings
[2008.11.14 23:28:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Davide\Anwendungsdaten\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2006.01.21 01:51:24 | 000,000,000 | ---D | M] -- C:\Acer
[2005.07.08 11:17:26 | 000,000,000 | ---D | M] -- C:\Book
[2008.05.11 16:01:44 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2010.12.30 21:28:32 | 000,000,000 | ---D | M] -- C:\cofi.exe
[2011.09.16 19:16:17 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2006.02.28 12:29:50 | 000,000,000 | ---D | M] -- C:\Converted Music
[2008.03.28 18:12:32 | 000,000,000 | ---D | M] -- C:\ConverterOutput
[2005.08.24 07:29:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2004.08.04 06:00:00 | 000,000,000 | ---D | M] -- C:\dotnetfx
[2008.04.06 13:53:36 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2007.09.26 17:52:32 | 000,000,000 | ---D | M] -- C:\FFW
[2008.03.20 13:27:34 | 000,000,000 | ---D | M] -- C:\FOUND.000
[2008.04.08 15:06:32 | 000,000,000 | ---D | M] -- C:\FOUND.001
[2008.09.15 04:18:40 | 000,000,000 | ---D | M] -- C:\FOUND.002
[2008.11.18 18:49:30 | 000,000,000 | ---D | M] -- C:\FOUND.003
[2010.01.08 18:53:38 | 000,000,000 | ---D | M] -- C:\FOUND.004
[2010.03.28 23:02:54 | 000,000,000 | ---D | M] -- C:\FOUND.005
[2011.08.11 23:02:17 | 000,000,000 | ---D | M] -- C:\i386
[2005.08.24 12:54:48 | 000,000,000 | ---D | M] -- C:\My Music
[2005.08.24 12:06:32 | 000,000,000 | ---D | M] -- C:\MyWorks
[2006.02.23 03:11:34 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.08.31 18:15:43 | 000,000,000 | R--D | M] -- C:\Programme
[2010.12.30 18:29:18 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.12.30 23:07:02 | 000,000,000 | -HSD | M] -- C:\Recycled
[2010.12.30 23:24:31 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2010.12.29 18:35:56 | 000,000,000 | ---D | M] -- C:\rsit
[2005.07.08 11:17:26 | 000,000,000 | ---D | M] -- C:\Sysinfo
[2010.12.30 21:02:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2006.02.28 01:55:48 | 000,000,000 | ---D | M] -- C:\Temp
[2006.01.22 00:59:16 | 000,000,000 | ---D | M] -- C:\UnZipper
[2007.02.21 15:51:50 | 000,000,000 | ---D | M] -- C:\USB_DR
[2007.02.21 15:38:52 | 000,000,000 | ---D | M] -- C:\USB_DRV
[2004.08.04 06:00:00 | 000,000,000 | ---D | M] -- C:\VALUEADD
[2011.09.22 20:19:42 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
[50 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< MD5 for: EXPLORER.EXE >
[2004.08.04 06:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 16:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 12:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 12:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 12:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 16:21:46 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: REGEDIT.EXE >
[2004.08.04 06:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2008.04.14 12:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 12:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 12:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 12:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 12:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 06:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 06:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 12:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 12:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 12:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-16 16:12:46
< End of report >
--- --- ---
2.Log Datei
OTL Logfile: Code:
OTL Extras logfile created on: 27.09.2011 20:49:24 - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Dokumente und Einstellungen\Davide\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,05 Mb Total Physical Memory | 615,20 Mb Available Physical Memory | 60,67% Memory free
2,38 Gb Paging File | 1,89 Gb Available in Paging File | 79,30% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 44,87 Gb Total Space | 3,76 Gb Free Space | 8,38% Space Free | Partition Type: NTFS
Drive D: | 45,34 Gb Total Space | 13,89 Gb Free Space | 30,64% Space Free | Partition Type: FAT32
Computer Name: DAVID | User Name: Davide | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Acer\Acer Arcade\PCMService.exe" = C:\Programme\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\WINDOWS\System32\dpvsetup.exe" = C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- (ICQ Ltd.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{43DDC07F-2867-4407-B4FF-28EB7BA6A846}" = Steganos Live Encryption Engine 14
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Steuer 2010
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Professional 2002
"{90AB0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 1
"{90AC0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 2
"{90AD0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 3
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNetManagement
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE325D55-FCAF-4273-BB79-069BB8747270}" = TomTom HOME
"{E6098043-1183-4580-89EF-423CBF807188}" = pdfforge Toolbar v4.6
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3D7915D-6B42-49FA-9FC8-5020479A6A57}" = Nero Reloaded PlugIn Pack 2.0.4 by GEAR
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025008F" = HDAUDIO Soft Voice Modem with SmartCP
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.34.305
"Gadu-Gadu 10" = Gadu-Gadu 10
"ICQLite" = ICQ 5.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"LIDL Fotoservice_is1" = LIDL Fotoservice
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0.2 (x86 de)" = Mozilla Firefox 6.0.2 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel(R) PROSet/Wireless Software
"QcDrv" = Logitech® Camera-Treiber
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.09.2011 13:01:31 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {5C2D9081-6668-4BF6-84AA-A5FE2BAA19B4}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:02:32 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {BECFC279-B095-4C3D-A264-A68ACAA9C159}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:03:51 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {ADA321A5-4009-4B25-918A-C1D1F73B61C4}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:04:07 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {1AC3E509-0BEB-41AD-93CC-A593EE92B61D}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:10:17 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {6EA5BA95-E962-4A0A-977A-21746B256CDB}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:10:17 | Computer Name = DAVID | Source = COM+ | ID = 135761
Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt.
Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität
wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten,
die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler
in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 80080005: InitEventCollector
fail
Error - 27.09.2011 13:10:17 | Computer Name = DAVID | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80080005] ist ein Fehler aufgetreten.
Error - 27.09.2011 13:10:22 | Computer Name = DAVID | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {A53C2499-4166-4391-A4C3-E423363AFC84}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
f:\xpsp3\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.702 s
Error - 27.09.2011 13:18:26 | Computer Name = DAVID | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 27.09.2011 13:29:35 | Computer Name = DAVID | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 6.0.2.4262, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 27.09.2011 13:03:52 | Computer Name = DAVID | Source = Service Control Manager | ID = 7031
Description = Der Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 27.09.2011 13:04:08 | Computer Name = DAVID | Source = Service Control Manager | ID = 7034
Description = Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist bereits
3 Mal passiert.
Error - 27.09.2011 13:10:21 | Computer Name = DAVID | Source = Service Control Manager | ID = 7031
Description = Der Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 27.09.2011 13:10:22 | Computer Name = DAVID | Source = Service Control Manager | ID = 7034
Description = Dienst "MS Software Shadow Copy Provider" wurde unerwartet beendet.
Dies ist bereits 2 Mal passiert.
Error - 27.09.2011 13:10:23 | Computer Name = DAVID | Source = Service Control Manager | ID = 7031
Description = Der Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 27.09.2011 13:15:12 | Computer Name = DAVID | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 27.09.2011 13:17:47 | Computer Name = DAVID | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst IMAPI-CD-Brenn-COM-Dienste.
Error - 27.09.2011 13:17:47 | Computer Name = DAVID | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 27.09.2011 13:18:26 | Computer Name = DAVID | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error - 27.09.2011 13:18:26 | Computer Name = DAVID | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
< End of report >
--- --- ---
GMER
GMER Logfile: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-09-27 22:50:10
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 TOSHIBA_MK1031GAS rev.AA204A
Running: wm9rglxs.exe; Driver: C:\DOKUME~1\Davide\LOKALE~1\Temp\pgldapod.sys
---- System - GMER 1.0.15 ----
SSDT F7B0E376 ZwCreateKey
SSDT F7B0E36C ZwCreateThread
SSDT F7B0E37B ZwDeleteKey
SSDT F7B0E385 ZwDeleteValueKey
SSDT F7B0E38A ZwLoadKey
SSDT F7B0E358 ZwOpenProcess
SSDT F7B0E35D ZwOpenThread
SSDT F7B0E394 ZwReplaceKey
SSDT F7B0E38F ZwRestoreKey
SSDT F7B0E380 ZwSetValueKey
SSDT \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA006640]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
--- --- ---
Was kann ich als nächstes tun?
DANKE!!!
Gruß
Moni |
aswMBR.exe und speichere die Datei auf deinem Desktop.
