Schon mal vielen Dank für die prompte Antwort.
Mit anderen Problemen meinte z.B. dass er sich nicht mehr von alleine ausschalten lässt, ganz normal der Befehl Runterfahren funktioniert, kurz vor Ende kommt allerdings ein Bluescreen mit einem Fehler, dieser Bluescreen tritt auch regelmäßig während dem normalen Betrieb auf. Anderes Problem wäre z.B. dass er keine Spiele mehr abspielt, auch wenn neuinstalliert etc. Da ich den Laptop aber hauptsächlich zum studieren nehme, habe ich gelernt, mit den Problemen klar zu kommen =/.
Hier die Ergebnisse: OTL.txtOTL Logfile: Code:
OTL logfile created on: 23.12.2011 13:00:40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Michael M\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 69,15% Memory free
3,60 Gb Paging File | 3,19 Gb Available in Paging File | 88,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 79,12 Gb Free Space | 53,09% Space Free | Partition Type: NTFS
Drive E: | 3,82 Gb Total Space | 3,35 Gb Free Space | 87,60% Space Free | Partition Type: FAT32
Computer Name: MICHAEL | User Name: Michael M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.23 12:59:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael M\Desktop\OTL.exe
PRC - [2011.06.28 15:46:46 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 15:37:02 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.24 17:37:35 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\system32\rpcnet.exe
PRC - [2010.11.21 10:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.01.27 13:48:58 | 001,122,568 | ---- | M] (Acresso Software Inc.) -- C:\Programme\CD-adapco\FLEXlm\11.7\lmgrd.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Programme\OO Software\Defrag\oodag.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.11 13:15:04 | 000,012,800 | R--- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2010.11.21 10:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.01.28 12:57:53 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2005.01.06 17:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.06.28 15:46:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 15:37:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.24 17:37:35 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\WINDOWS\system32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010.11.21 10:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.01.27 13:48:58 | 001,122,568 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Programme\CD-adapco\FLEXlm\11.7\lmgrd.exe -- (Flexlm Service 1)
SRV - [2009.12.12 00:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.12.11 13:15:04 | 000,012,800 | R--- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2011.06.28 15:46:46 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 15:46:46 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.03.27 18:17:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.03.27 16:13:41 | 001,735,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009.12.12 00:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.05.11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.09.11 03:32:26 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.05.14 08:08:16 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.05.14 08:08:16 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008.05.14 08:08:14 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.05.14 08:08:14 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.05.14 08:08:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.05.14 08:08:14 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.04.28 13:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.07 19:13:46 | 000,025,448 | R--- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.07 19:13:42 | 000,034,664 | R--- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.04.03 22:57:00 | 000,296,320 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008.03.28 10:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008.02.29 17:13:38 | 001,202,560 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.06.18 15:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.24 16:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2007.04.16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.09.19 12:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 12:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.02.11 10:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 10:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 10:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 10:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 10:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004.01.26 16:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.01.26 16:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.11.10 06:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.12.20 19:40:34 | 000,000,000 | ---D | M]
[2010.03.27 16:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Extensions
[2011.12.19 19:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\extensions
[2011.12.19 19:41:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.17 10:54:47 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-1.xml
[2011.09.08 13:50:23 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-10.xml
[2011.09.30 07:27:25 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-11.xml
[2011.10.01 10:44:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-12.xml
[2011.10.02 09:08:58 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-13.xml
[2011.11.10 06:35:13 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-14.xml
[2011.03.25 17:41:07 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-2.xml
[2011.03.30 19:39:31 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-3.xml
[2011.05.07 09:04:45 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-4.xml
[2011.05.31 16:30:20 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-5.xml
[2011.06.24 12:32:10 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-6.xml
[2011.08.19 18:37:12 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-7.xml
[2011.08.31 19:35:16 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-8.xml
[2011.09.08 13:49:13 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\icqplugin.xml
[2010.07.18 11:24:14 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Mozilla\Firefox\Profiles\8vm7xk9v.default\searchplugins\sweetim.xml
[2011.11.10 06:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.10 06:34:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.14 10:45:24 | 000,170,080 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2011.05.07 09:04:11 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.07 09:04:11 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.05.07 09:04:11 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.07 09:04:11 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.07 09:04:11 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.07 09:04:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2001.08.23 11:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KMConfig] "C:\Programme\Multimedia Mouse Driver\V5\StartAutorun.exe" KMConfig.exe File not found
O4 - HKLM..\Run: [MFNetworkScanUtility] C:\Programme\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ICQ] "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4 File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\Michael M\Startmenü\Programme\Autostart\Microsoft Office Outlook 2007 (2).lnk = C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{543AADCF-A9FD-45AB-8B3C-8C8E138BADBC}: DhcpNameServer = 134.108.34.5 134.108.34.6
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Michael M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Michael M\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.27 15:38:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.12.23 12:59:39 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael M\Desktop\OTL.exe
[2011.12.22 23:00:25 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Michael M\Recent
[2011.12.22 21:25:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael M\Desktop\Neuer Ordner
[2011.12.20 19:40:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PDF-XChange
[2011.12.20 19:40:21 | 000,000,000 | ---D | C] -- C:\Programme\Tracker Software
[2011.11.30 20:55:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael M\Eigene Dateien\MATLAB
[2011.11.30 20:54:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\MathWorks
[2011.11.30 20:41:33 | 000,000,000 | ---D | C] -- C:\Programme\MATLAB11
[2011.11.26 22:40:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.23 12:59:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael M\Desktop\OTL.exe
[2011.12.23 08:58:51 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2011.12.23 08:58:48 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\rpcnet.dll
[2011.12.23 08:58:46 | 000,002,619 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Startmenü\Programme\Autostart\Microsoft Office Outlook 2007 (2).lnk
[2011.12.23 08:58:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.23 08:58:29 | 001,679,216 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011.12.23 08:56:14 | 000,000,780 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\Startmenü\Programme\Autostart\0.3075702072012224.exe.lnk
[2011.12.23 08:56:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.04 10:00:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.29 21:33:44 | 000,000,157 | ---- | M] () -- C:\WINDOWS\matlab.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.23 08:56:14 | 000,000,780 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael M\Startmenü\Programme\Autostart\0.3075702072012224.exe.lnk
[2011.10.02 15:01:33 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.10.02 10:49:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.19 18:09:46 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2010.09.28 18:05:43 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.09.28 18:05:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2010.09.21 13:16:11 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010.09.17 10:03:51 | 000,000,555 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010.06.15 17:01:01 | 000,005,393 | ---- | C] () -- C:\WINDOWS\hpdj6122.ini
[2010.06.15 17:00:32 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2010.04.09 12:16:25 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.03.29 13:13:25 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\winscp.rnd
[2010.03.27 20:55:11 | 000,014,336 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael M\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.27 20:09:11 | 000,000,323 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP36.INI
[2010.03.27 17:08:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.03.27 16:35:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.03.27 15:48:43 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\atiumdva.dat
[2010.03.27 15:42:22 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010.03.27 15:40:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.03.27 15:35:03 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.03.27 15:27:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.03.27 15:26:35 | 000,286,904 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.27 15:26:32 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
[2008.09.10 20:49:16 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008.09.10 20:49:16 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.09.10 20:49:16 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008.06.10 16:50:18 | 000,174,819 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.05.21 10:38:12 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\atitmmxx.dll
[2008.05.12 14:51:50 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.03.04 20:02:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\atibrtmon.exe
[2004.08.04 00:12:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.08.23 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 11:00:00 | 000,452,554 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.23 11:00:00 | 000,435,594 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 11:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.23 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 11:00:00 | 000,081,316 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.23 11:00:00 | 000,068,490 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 11:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.23 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2010.03.27 18:17:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.03.28 08:40:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DassaultSystemes
[2010.10.30 19:27:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Whiz
[2010.08.19 21:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy2
[2010.10.23 09:55:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FNP
[2010.09.28 18:05:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2011.05.31 16:30:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.07.04 15:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
[2010.04.09 12:06:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.03.27 20:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Canon
[2010.03.27 18:20:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\DAEMON Tools Lite
[2010.03.27 17:58:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\DAEMON Tools Pro
[2010.03.28 07:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\DassaultSystemes
[2010.07.18 11:03:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.09.04 18:55:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\gtk-2.0
[2011.11.25 15:01:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\ICQ
[2011.10.02 14:25:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael M\Anwendungsdaten\Sony
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.04.20 18:23:49 | 000,000,000 | -H-D | M] -- C:\CanonMF
[2010.03.27 15:43:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.03.28 20:27:32 | 000,000,000 | ---D | M] -- C:\fce1cc9336862d0d6144c8c441
[2010.10.23 09:37:24 | 000,000,000 | ---D | M] -- C:\flexlm
[2010.03.27 18:25:33 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.09.07 08:34:14 | 000,000,000 | ---D | M] -- C:\Navigator
[2010.06.15 17:02:24 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.12.20 19:40:21 | 000,000,000 | R--D | M] -- C:\Programme
[2010.03.27 17:44:41 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.03.06 14:22:05 | 000,000,000 | ---D | M] -- C:\SwSetup
[2011.12.23 12:04:43 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.03.27 15:46:15 | 000,000,000 | ---D | M] -- C:\SYSTEM.SAV
[2011.10.26 15:14:06 | 000,000,000 | ---D | M] -- C:\temp
[2011.11.19 18:10:13 | 000,000,000 | ---D | M] -- C:\VWLUPO
[2011.12.21 19:13:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2004.08.04 00:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 00:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010.03.31 16:58:18 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[1999.10.02 09:24:46 | 000,017,408 | R--- | M] () MD5=1363337A5301619F00F8033835EF30E9 -- C:\Programme\Matlab\R14_SP3_stud\sys\perl\win32\site\lib\auto\Win32\EventLog\EventLog.dll
[2010.01.26 23:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Programme\MATLAB11\R2011b_stud\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
[2004.08.03 23:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2004.08.03 23:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
< MD5 for: NETLOGON.DLL >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.03 23:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.03 23:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.03 23:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.03 23:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.03 23:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2001.08.23 11:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.23 11:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.27 18:17:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.03.27 16:25:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.03.27 16:25:54 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.03.27 16:25:54 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2011.10.26 15:14:04 | 000,000,122 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\.ewanapi_cookie
[2011.11.01 17:05:11 | 000,000,821 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\.recently-used.xbel
[2010.10.23 09:04:16 | 000,001,111 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\cert.txt
[2011.10.26 15:18:08 | 000,102,231 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\ewa_client_0.log
[2011.09.27 12:37:43 | 000,000,143 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael M\l.txt
[2011.12.23 13:00:11 | 007,340,032 | -H-- | M] () -- C:\Dokumente und Einstellungen\Michael M\NTUSER.DAT
[2011.12.23 13:02:34 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Michael M\ntuser.dat.LOG
[2011.12.22 23:00:28 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Michael M\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2009.08.14 16:10:16 | 001,850,752 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
--- --- ---
Extra.txtOTL Logfile: Code:
OTL Extras logfile created on: 23.12.2011 13:00:40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Michael M\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 69,15% Memory free
3,60 Gb Paging File | 3,19 Gb Available in Paging File | 88,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 79,12 Gb Free Space | 53,09% Space Free | Partition Type: NTFS
Drive E: | 3,82 Gb Total Space | 3,35 Gb Free Space | 87,60% Space Free | Partition Type: FAT32
Computer Name: MICHAEL | User Name: Michael M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01378950-F60D-5CCD-A756-741F11AC28A3}" = Catalyst Control Center Localization Thai
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{112A080C-7FEE-DF04-0A98-5A46952F4988}" = CCC Help English
"{18058624-242D-BBD2-A7E7-05DC0FCE99E8}" = CCC Help French
"{1C77BC2B-8F8B-C6EF-3906-09FAF21A7700}" = Catalyst Control Center Localization Russian
"{1EA82200-BD9C-3312-4FB2-F975D23FBA76}" = ccc-utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{276E1803-51FF-C2B4-1AA9-8FB1BA1018A8}" = Catalyst Control Center Localization Czech
"{32A3A4F4-B792-11D6-A78A-00B0D0160190}" = Java(TM) SE Development Kit 6 Update 19
"{339DEED7-B03A-79A6-746A-FD434E4E2D70}" = Catalyst Control Center Localization Swedish
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E42EEB-84E3-66AB-8A5E-BCB0FAB9426B}" = Catalyst Control Center Localization Dutch
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3A8C38B6-54E4-0DD0-B0FB-574831671127}" = Catalyst Control Center Graphics Light
"{426C3B1B-61D2-AF3F-1BE8-79937C075AFF}" = CCC Help Polish
"{448F39D3-5CF5-2F5C-A135-8C51C94C6B37}" = CCC Help Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A276AF9-46BC-3896-EC3A-2F7BB470CAF7}" = CCC Help Finnish
"{4A352AF2-336D-45B6-CD3E-8B6E86879BB2}" = CCC Help Italian
"{53F9B21C-34C1-F83E-468E-09EA9A194527}" = Catalyst Control Center Localization Norwegian
"{5BE226B3-1722-4fd0-9E39-997712B68F67}" = Canon MF8000 Series
"{5C07BDD0-F57C-852E-46DF-3196B699DE5A}" = CCC Help Chinese Standard
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{66944E9D-C37E-C8F4-0A5E-3204C6D75D86}" = Catalyst Control Center Localization German
"{6767DFEE-8909-453A-B553-C7693912B2EB}" = Canon MF Toolbox 4.9.1.1.mf09
"{6911CEE7-4D8B-9D8E-CAFF-4DEB6906AD5E}" = Catalyst Control Center Localization Hungarian
"{6D06E9C7-CF20-28A0-3D54-272EE2737867}" = CCC Help Turkish
"{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}" = Dassault Systemes Software Prerequisites x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73156E77-9AD7-A683-82CF-742A39E91D37}" = Skins
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7981D8E3-ACD0-3C16-2D79-0ACE5BEE523D}" = CCC Help Portuguese
"{7B3CBEAC-3EF5-F318-D79C-5ADC12D6F362}" = Catalyst Control Center Graphics Full New
"{822049E9-CFE9-9BF6-508F-59267B5F59D8}" = ccc-core-preinstall
"{831E39CD-3968-4E70-3DEE-F66CFE59AA7A}" = CCC Help Danish
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{8481CF72-E3C3-8E58-77F1-771F996E722A}" = Catalyst Control Center Localization Polish
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{898D6241-AB24-4DF7-82FE-21F315DB34E7}" = Race Driver 2 Demo
"{8BF17C99-355A-CD4F-B434-AF8884816C56}" = CCC Help Hungarian
"{8D6CDC85-F545-DF9A-AFB4-1396F7D75301}" = CCC Help Swedish
"{8EBE68FC-E9F8-BBC7-52CC-BAAF145D1E31}" = Catalyst Control Center Localization Greek
"{8F6E6502-0F6E-ADE3-FB36-C97220308ABF}" = Catalyst Control Center Localization Spanish
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{915CECD9-6DF0-4107-72DA-FF86957F4187}" = Catalyst Control Center Core Implementation
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9616E67E-B9D4-9069-AE1C-8BF09C69BE5F}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E0136C7-1D9F-E793-1AD9-BE99B5E0A69B}" = Catalyst Control Center Localization Turkish
"{A0A76C15-3BF4-0F9D-93A5-4C287AD75EBE}" = Catalyst Control Center Localization Finnish
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A9495514-098A-4869-A464-C455857BC464}" = Multimedia Mouse Driver
"{AA6DC0E7-B8A1-6CDA-7369-86ED00E93739}" = Catalyst Control Center Localization Italian
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.7 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B9DFF68B-831A-FD06-2099-4A7041FCB55F}" = Catalyst Control Center Localization Chinese Standard
"{BAE5E379-AC64-0D09-6295-EA45B4A26069}" = CCC Help Korean
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{BE263A6B-A71B-642E-9CD3-711D7283DA23}" = Catalyst Control Center Localization Portuguese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C349C10C-1474-4000-9073-9299856C8A70}" = Catalyst Control Center - Branding
"{CD68E5C1-39DD-9D43-C789-548671A2944C}" = CCC Help Chinese Traditional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF2ED54C-B246-CB92-0D6E-3A1EF72AF65A}" = Catalyst Control Center Localization French
"{CFBD250D-6D35-A09A-A38E-7D8A30742160}" = Catalyst Control Center Graphics Full Existing
"{D3E93FE6-59AC-5583-FA56-CAE69465FC58}" = Catalyst Control Center Localization Danish
"{DA859954-14AC-A262-69F8-9CB4B3AD16B5}" = CCC Help German
"{E1F4FB82-3EA6-46B6-A18A-9B3A62DA393E}" = hp deskjet 6122
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E4899684-465D-0D18-0523-0B4BAB9196A2}" = CCC Help Spanish
"{E51EB395-646F-ABE0-1BD5-0C3DB568D1BC}" = CCC Help Japanese
"{E89DE689-A678-CE28-8B4E-D8086F80B6CE}" = CCC Help Greek
"{EB4528AD-E9CA-831E-3A94-C66B794B5E1A}" = CCC Help Thai
"{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}" = O&O Defrag Professional
"{EEC248D2-C838-2503-0C03-05BDFF920ADA}" = Catalyst Control Center Localization Japanese
"{F0803639-33A5-8772-AB08-67676B6B330B}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F4105AFC-B69D-575F-44E6-CAB6E86DA0AA}" = CCC Help Dutch
"{F6FAEA51-3ED4-4BAB-E815-F015476D7FA6}" = Catalyst Control Center Localization Korean
"{F989306B-9287-444F-AE73-E30C7E4AF0F5}" = Battlefield Vietnam: WW2 Mod
"{FACC20DD-DD0B-B913-9A8F-3FCBC16B4EFF}" = CCC Help Czech
"{FC976AA0-B59F-3FF6-BCC7-0EB40E806FC9}" = Catalyst Control Center Localization Chinese Traditional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11-WLAN-Adapter
"Dassault Systemes B19_0" = Dassault Systemes Software B19
"Destinator Console" = Destinator Console
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"hp print screen utility" = hp print screen utility
"ICQ" = ICQ
"ICQToolbar" = ICQ Toolbar
"InstallShield_{898D6241-AB24-4DF7-82FE-21F315DB34E7}" = Race Driver 2 Demo
"InstallShield_{A9495514-098A-4869-A464-C455857BC464}" = Multimedia Mouse Driver
"lcc-win32 (base system)_is1" = lcc-win32 version 3.2 (base system)
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"OpenVPN" = OpenVPN 2.1.1
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.0
"VWLUPO-Key" = VOLKSWAGEN Lupo-Cup
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"pdfsam" = pdfsam
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.09.2011 02:30:13 | Computer Name = MICHAEL | Source = ESENT | ID = 490
Description = svchost (1512) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 10.09.2011 11:43:01 | Computer Name = MICHAEL | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
Error - 14.09.2011 11:11:17 | Computer Name = MICHAEL | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 15.09.2011 06:29:13 | Computer Name = MICHAEL | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 15.09.2011 09:51:27 | Computer Name = MICHAEL | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 10.10.2011 13:43:33 | Computer Name = MICHAEL | Source = ESENT | ID = 490
Description = svchost (1508) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 24.11.2011 01:31:30 | Computer Name = MICHAEL | Source = ESENT | ID = 490
Description = svchost (1516) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 26.11.2011 11:31:13 | Computer Name = MICHAEL | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6425.1000, P3
wwlib.dll, P4 12.0.6425.1000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 06.12.2011 05:47:04 | Computer Name = MICHAEL | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6425.1000, P3
wwlib.dll, P4 12.0.6425.1000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 21.12.2011 03:19:19 | Computer Name = MICHAEL | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
[ OSession Events ]
Error - 31.03.2010 15:16:19 | Computer Name = MICHAEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 219
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14.06.2010 07:47:08 | Computer Name = MICHAEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2156
seconds with 1320 seconds of active time. This session ended with a crash.
Error - 19.04.2011 10:14:52 | Computer Name = MICHAEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 414
seconds with 120 seconds of active time. This session ended with a crash.
Error - 19.04.2011 10:29:00 | Computer Name = MICHAEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 818
seconds with 120 seconds of active time. This session ended with a crash.
Error - 19.04.2011 14:15:14 | Computer Name = MICHAEL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2157
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.12.2011 14:30:30 | Computer Name = MICHAEL | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 134.108.58.235 für die Netzwerkkarte mit der Netzwerkadresse
00FF543AADCF wurde durch den DHCP-Server 134.108.59.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 21.12.2011 15:53:14 | Computer Name = MICHAEL | Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UMAYLANDT",
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{8FB97EE7-B7C0-4D94-Transport
zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error - 22.12.2011 01:48:57 | Computer Name = MICHAEL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error - 22.12.2011 12:56:47 | Computer Name = MICHAEL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error - 22.12.2011 13:05:42 | Computer Name = MICHAEL | Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UMAYLANDT",
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{8FB97EE7-B7C0-4D94-Transport
zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error - 22.12.2011 13:26:11 | Computer Name = MICHAEL | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 134.108.59.116 für die Netzwerkkarte mit der Netzwerkadresse
00FF543AADCF wurde durch den DHCP-Server 134.108.61.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 22.12.2011 14:06:39 | Computer Name = MICHAEL | Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UMAYLANDT",
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{8FB97EE7-B7C0-4D94-Transport
zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error - 23.12.2011 03:32:32 | Computer Name = MICHAEL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error - 23.12.2011 04:00:06 | Computer Name = MICHAEL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error - 23.12.2011 04:00:35 | Computer Name = MICHAEL | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows-Bilderfassung (WIA)" wurde nicht ordnungsgemäß
gestartet.
< End of report >
--- --- --- |
