Trojaner-Board - 50 Euro Virus "Ihr Windowssystem wurde aus Sicherheitsgründen blockiert"

Ich habe diesen Virus auch (die Avira-Kaspersky-etc.-Variante). Ich habe dann im abgesicherten Modus Avira Free AV und Avira Cleaner-DE suchen lassen. Der Filewalker hat nichts gefunden, der Cleaner 1 Datei. Die habe ich gelöscht, aber das "Stopfenster" war beim nächsten Start wieder da - vermutlich hat das Virus irgendwo im Autostart eine unverdächtige Datei geparkt.

Meine Fehlermeldung, äh Betriebssystem ist Windows Vista Home Basic, Build 6002 SP 2.

Ich habe den OTL mit einem Listing suchen lassen, das ich in einem anderen Thread gefunden habe (was wahrscheinlich völlig falsch ist), und dabei kam das hier raus:

(Grmpf, das ist ja ewig lang - wie bekomme ich hier einen Scroll-Kasten hin?)OTL Logfile:

Code:

OTL logfile created on: 31.01.2012 10:12:22 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sven\Desktop\Setup-Dateien

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1014,52 Mb Total Physical Memory | 259,55 Mb Available Physical Memory | 25,58% Memory free

2,24 Gb Paging File | 1,63 Gb Available in Paging File | 72,87% Paging File free

Paging file location(s): ?:\pagefile.sys

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 100,26 Gb Total Space | 40,41 Gb Free Space | 40,31% Space Free | Partition Type: NTFS

Drive E: | 1863,01 Gb Total Space | 1107,18 Gb Free Space | 59,43% Space Free | Partition Type: NTFS

Drive F: | 9,03 Gb Total Space | 1,81 Gb Free Space | 20,03% Space Free | Partition Type: NTFS

 

Computer Name: SVENSKLAPPKISTE | User Name: Sven | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.01.31 10:10:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Desktop\Setup-Dateien\OTL.exe

PRC - [2012.01.10 00:14:22 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe

PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.01.10 00:14:21 | 002,124,760 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll

MOD - [2011.12.03 22:26:29 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.03.09 12:29:16 | 000,366,000 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009.08.24 20:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 CBE\Dfsdks.exe -- (DfSdkS)

SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007.12.11 15:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)

SRV - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)

SRV - [2007.06.08 08:06:42 | 000,172,131 | R--- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)

SRV - [2007.03.12 09:22:00 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)

SRV - [2007.03.05 09:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

SRV - [2007.02.06 07:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)

SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.12.08 21:29:18 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.12.12 00:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)

DRV - [2009.06.02 23:57:34 | 000,483,200 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)

DRV - [2008.12.05 06:55:40 | 000,217,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)

DRV - [2008.11.21 20:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2008.11.11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2008.11.11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2008.11.11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2008.08.29 12:19:36 | 000,040,368 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)

DRV - [2008.04.04 12:47:46 | 000,026,368 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optovcm.sys -- (optovcm)

DRV - [2008.04.04 12:47:46 | 000,018,432 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optousb.sys -- (optousb)

DRV - [2007.11.05 22:41:17 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)

DRV - [2007.11.02 13:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)

DRV - [2007.10.10 15:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motodrv.sys -- (MotDev)

DRV - [2007.06.19 14:48:04 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)

DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2007.06.18 13:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)

DRV - [2007.06.08 07:49:46 | 000,030,008 | R--- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)

DRV - [2007.05.24 16:59:48 | 010,343,680 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)

DRV - [2007.01.23 18:03:44 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)

DRV - [2006.11.10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)

DRV - [2006.11.02 10:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)

DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

DRV - [2006.11.02 01:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)

DRV - [2006.06.28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.hp.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com

IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.maxdome.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\telekom.com/PagePlaceStarter: C:\Program Files\PagePlace\npPagePlaceStarter.dll (Deutsche Telekom AG)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.27 15:56:02 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.10 00:14:23 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.12 14:35:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.11.12 14:35:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.11.12 14:35:21 | 000,000,000 | ---D | M]

 

[2008.06.21 06:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions

[2012.01.27 14:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions

[2010.04.30 13:10:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.01.31 10:53:54 | 000,000,000 | ---D | M] (Andasa Toolbar) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\{579fcdb8-929b-11dc-8314-0800200c9a66}

[2011.12.22 14:07:48 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}

[2011.11.18 20:10:12 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2010.01.24 17:52:11 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\add-to-searchbox@maltekraus.de

[2010.05.30 08:54:37 | 000,000,000 | ---D | M] ("Bookcrossing Helferlein") -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\bookcrossing@ardik.net

[2010.11.22 17:57:19 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2010.03.28 12:01:17 | 000,000,000 | ---D | M] (GutscheinRausch.de) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\e5lepv06.default\extensions\jl@leimbach-it.de

[2012.01.10 00:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.01.10 00:14:22 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010.03.08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\mozilla firefox\plugins\npmidas.dll

[2006.07.31 15:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

[2011.09.30 08:16:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.30 08:16:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011.09.30 08:16:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.30 08:16:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.30 08:16:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.09.30 08:16:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AdiCash Toolbar) - {85223548-4D57-4A3B-896B-145985F681C6} - C:\Programme\AdiCash\Toolbar.dll (Andasa GmbH)

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (AdiCash Toolbar) - {BB9540F0-94B9-4fe8-A2E1-DE3A506ECD4B} - C:\Programme\AdiCash\Toolbar.dll (Andasa GmbH)

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (AdiCash Toolbar) - {6AA99CB6-74AF-4136-A6C6-C64C95333249} - C:\Programme\AdiCash\Toolbar.dll (Andasa GmbH)

O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)

O4 - HKLM..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe (Symantec Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)

O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()

O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [fsm]  File not found

O4 - HKCU..\Run: [Mozilla client] C:\Users\Sven\AppData\Local\Mozilla\Firefox\firefox.exe (Корпорация Майкрософт)

O4 - HKCU..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)

O4 - HKCU..\Run: [UpdateStar] C:\Users\Sven\AppData\Roaming\UpdateStar\UpdateStar.exe (UpdateStar GmbH)

O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [ST Recovery Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)

O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk = C:\Programme\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)

O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Programme\Trillian\trillian.exe (Cerulean Studios)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{587E462A-1180-424B-BCB3-ACFACD43F9C9}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\Windows\System32\DeviceNP.dll (Hewlett-Packard Limited)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.12.14 10:00:22 | 000,008,192 | ---- | M] (Microsoft) - E:\AutoOff.exe -- [ NTFS ]

O32 - AutoRun File - [2010.11.02 14:29:16 | 000,000,073 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2004.04.30 16:01:00 | 000,000,053 | -HS- | M] () - F:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{589453fd-4015-11de-b1c3-001a4b6665bf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Info.exe protect.ed 480 480

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found

MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()

MsConfig - State: "startup" - 2

 

CREATERESTOREPOINT

Error creating restore point.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.01.27 15:57:53 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\DDMSettings

[2012.01.15 21:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.01.15 21:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.01.04 01:48:42 | 000,354,176 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl

[2008.04.05 02:21:33 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll

[2008.04.05 02:21:33 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll

[2008.04.05 02:21:33 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

[2008.04.05 02:21:33 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll

[2007.11.26 09:38:17 | 006,385,664 | ---- | C] (Superfirm) -- C:\Program Files\Multidecoder.exe

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.01.30 12:52:15 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

[2012.01.30 12:52:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.01.30 12:12:58 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.01.30 12:12:32 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.01.30 12:12:32 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.01.29 20:53:25 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2012.01.29 17:00:10 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.01.28 21:25:13 | 000,097,792 | ---- | M] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.01.27 15:56:23 | 000,001,438 | ---- | M] () -- C:\Users\Sven\Desktop\DivX Movies.lnk

[2012.01.27 15:53:13 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012.01.23 16:25:34 | 000,638,748 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.01.23 16:25:34 | 000,604,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.01.23 16:25:34 | 000,130,668 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.01.23 16:25:34 | 000,107,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.01.21 22:20:49 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSven.job

[2012.01.15 21:42:06 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.01.04 01:48:42 | 000,354,176 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl

[2012.01.02 10:09:49 | 000,000,981 | ---- | M] () -- C:\Users\Sven\Desktop\Bücher.lnk

 
 ========== Files Created - No Company Name ==========

 

[2012.01.27 15:56:23 | 000,001,438 | ---- | C] () -- C:\Users\Sven\Desktop\DivX Movies.lnk

[2012.01.27 15:53:13 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012.01.15 21:42:06 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.09.24 06:28:31 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2011.04.26 02:05:19 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI

[2010.08.27 19:24:02 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\edacded0.dat

[2010.05.14 08:28:25 | 000,000,118 | ---- | C] () -- C:\Windows\Podcasts.INI

[2010.05.13 16:35:20 | 000,019,456 | ---- | C] () -- C:\Users\Sven\AppData\Local\WebpageIcons.db

[2010.04.14 07:16:37 | 000,262,144 | ---- | C] () -- C:\Windows\System32\GfKLSPService.DLL

[2009.10.20 14:47:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.10.20 14:47:52 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.05.13 23:31:41 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll

[2009.05.13 23:31:35 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll

[2009.05.13 23:31:35 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll

[2008.11.26 01:30:16 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe

[2008.10.30 13:11:27 | 000,000,092 | ---- | C] () -- C:\Users\Sven\AppData\Local\fusioncache.dat

[2008.09.23 02:02:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008.07.13 05:30:02 | 000,000,048 | ---- | C] () -- C:\Windows\WinInit.Ini

[2008.06.20 02:39:57 | 000,671,232 | ---- | C] () -- C:\Windows\System32\dfrgui.exe

[2008.04.05 02:21:42 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe

[2008.04.05 02:21:34 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

[2008.03.27 20:29:09 | 000,008,723 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate

[2008.03.12 16:41:48 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin

[2008.02.21 01:19:39 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll

[2007.11.06 03:07:56 | 000,097,792 | ---- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007.11.06 03:02:11 | 000,000,235 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\devices.xml

[2007.11.06 03:02:11 | 000,000,012 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\settings.xml

[2007.11.05 22:18:46 | 000,020,458 | ---- | C] () -- C:\Windows\hpoins01.dat

[2007.11.05 22:18:46 | 000,016,622 | ---- | C] () -- C:\Windows\hpomdl01.dat

[2007.10.14 22:08:57 | 000,303,616 | ---- | C] () -- C:\Windows\System32\TX32.DLL

[2007.10.14 22:08:57 | 000,000,202 | ---- | C] () -- C:\Windows\System32\IC32.INI

[2007.10.11 17:58:13 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html

[2007.10.10 04:37:20 | 000,001,356 | ---- | C] () -- C:\Users\Sven\AppData\Local\d3d9caps.dat

[2007.10.10 04:24:41 | 000,022,530 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\phpdesigner2007_5_2.xml

[2007.10.10 04:20:51 | 000,159,744 | ---- | C] () -- C:\Windows\System32\aip504.dll

[2007.10.10 04:20:51 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VWBMP.dll

[2007.10.10 04:20:51 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VMIO.dll

[2007.10.10 04:20:51 | 000,014,380 | ---- | C] () -- C:\Windows\Tw100.ini

[2007.10.10 04:20:51 | 000,014,118 | ---- | C] () -- C:\Windows\USB_CAM.INI

[2007.10.10 04:20:51 | 000,001,721 | ---- | C] () -- C:\Windows\Ca100.ini

[2007.10.10 04:20:51 | 000,000,156 | ---- | C] () -- C:\Windows\Setup504.ini

[2007.10.10 04:20:50 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IPSK.dll

[2007.10.10 04:20:50 | 000,184,320 | ---- | C] () -- C:\Windows\System32\jpg32.dll

[2007.10.10 04:20:50 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VWJPG.dll

[2007.10.10 04:16:27 | 000,134,074 | ---- | C] () -- C:\Windows\ColorPic Uninstaller.exe

[2007.10.10 03:59:14 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2007.10.09 21:58:05 | 000,000,043 | ---- | C] () -- C:\Windows\System32\Writer.ini

[2007.10.09 10:39:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll

[2007.10.09 10:39:36 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll

[2007.10.09 10:39:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll

[2007.10.09 10:39:36 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll

[2007.10.09 10:39:36 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll

[2007.10.09 10:39:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll

[2007.09.13 14:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll

[2007.09.13 14:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll

[2007.06.08 08:05:38 | 000,274,432 | ---- | C] () -- C:\Windows\System32\flcdlmsg.dll

[2007.06.07 03:26:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1287.dll

[2007.06.07 03:02:10 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll

[2007.06.07 02:15:28 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006.11.09 17:42:33 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat

[2006.11.09 17:42:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2006.11.02 16:38:05 | 000,638,748 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2006.11.02 16:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2006.11.02 16:38:05 | 000,130,668 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2006.11.02 16:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2006.11.02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 13:44:53 | 000,444,328 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 11:33:01 | 000,604,324 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 11:33:01 | 000,107,760 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll

[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

 
 ========== LOP Check ==========

 

[2008.02.04 11:28:42 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\1&1

[2010.01.31 10:55:48 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\AdiCash

[2009.10.20 03:26:22 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Amazon

[2011.04.21 02:59:32 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Ancient Quest of Saqqarah__intenium

[2010.10.02 15:09:00 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Any Video Converter

[2010.07.07 15:43:14 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Audacity

[2011.09.16 20:16:04 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\calibre

[2010.03.28 15:34:12 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\CloneSpy

[2011.03.03 14:14:47 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\elsterformular

[2008.05.21 15:25:05 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\eXPert PDF Editor

[2010.01.23 01:58:04 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Free Download Manager

[2011.04.21 13:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\FreeDoko

[2011.08.29 18:17:26 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\GrassGames

[2011.12.21 23:07:41 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\gtk-2.0

[2007.11.27 15:05:36 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\ICQ

[2008.01.15 13:36:49 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\InterVideo

[2008.04.19 12:03:07 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\KompoZer

[2010.08.18 11:49:07 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\LG Electronics

[2009.08.08 17:28:00 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\OpenOffice.org

[2011.11.08 19:51:02 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\phonostar GmbH

[2010.02.28 19:59:05 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\phonostar-Player

[2007.10.10 04:24:40 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\PHP Designer 2007

[2007.11.06 13:48:42 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\PreisHai4

[2007.10.13 22:11:52 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\SampleView

[2011.04.26 02:18:54 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\ScreenSeven

[2007.10.12 00:30:30 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\SecondLife

[2012.01.30 12:17:00 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Software Informer

[2010.09.05 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\STRATO

[2010.02.28 20:06:26 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\System Tweaker

[2011.04.12 23:31:36 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Temp

[2009.06.04 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Thunderbird

[2009.09.07 23:06:00 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Trillian

[2011.06.19 06:18:19 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Uniblue

[2011.03.29 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\UpdateStar

[2012.01.29 20:53:38 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2007.10.09 10:55:23 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin

[2011.05.15 02:03:19 | 000,000,000 | -H-D | M] -- C:\blyadstvoeb

[2009.10.21 08:09:58 | 000,000,000 | -HSD | M] -- C:\boot

[2009.09.23 23:49:33 | 000,000,000 | ---D | M] -- C:\Diagnostics

[2006.11.02 13:59:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2006.11.09 17:46:51 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2008.04.11 22:37:37 | 000,000,000 | ---D | M] -- C:\Downloads

[2008.04.01 20:09:46 | 000,000,000 | ---D | M] -- C:\drivers

[2009.12.11 06:34:08 | 000,000,000 | ---D | M] -- C:\f7e8c9ef01d98f9ba77a35314c700cc2

[2011.04.03 13:02:51 | 000,000,000 | -HSD | M] -- C:\found.000

[2011.01.24 14:56:22 | 000,000,000 | ---D | M] -- C:\found.001

[2011.04.28 14:04:11 | 000,000,000 | -HSD | M] -- C:\found.002

[2011.10.13 12:36:09 | 000,000,000 | -HSD | M] -- C:\found.003

[2007.07.27 11:35:20 | 000,000,000 | -H-D | M] -- C:\hp

[2007.10.12 01:49:17 | 000,000,000 | ---D | M] -- C:\Intel

[2009.08.28 22:14:37 | 000,000,000 | ---D | M] -- C:\Microgaming

[2008.04.05 02:25:48 | 000,000,000 | ---D | M] -- C:\MyAlbum

[2008.06.21 07:28:03 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.01.15 21:39:37 | 000,000,000 | R--D | M] -- C:\Program Files

[2011.10.25 22:29:03 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2006.11.09 17:46:51 | 000,000,000 | -HSD | M] -- C:\Programme

[2011.07.07 01:41:03 | 000,000,000 | -H-D | M] -- C:\Record.Cl

[2010.08.18 12:49:39 | 000,000,000 | ---D | M] -- C:\Sounds

[2009.08.06 12:17:39 | 000,000,000 | ---D | M] -- C:\SwSetup

[2007.10.09 11:16:08 | 000,000,000 | -HSD | M] -- C:\System Recovery

[2012.01.29 06:06:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2008.02.19 13:48:43 | 000,000,000 | -H-D | M] -- C:\System.sav

[2007.10.27 04:42:15 | 000,000,000 | ---D | M] -- C:\Temp

[2007.10.09 10:36:15 | 000,000,000 | R--D | M] -- C:\Users

[2012.01.29 17:52:03 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

[2007.10.31 12:02:32 | 006,385,664 | ---- | M] (Superfirm) -- C:\Program Files\Multidecoder.exe

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: AGP440.SYS  >

[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2007.07.27 11:16:45 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys

[2007.07.27 11:16:46 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys

[2007.07.27 11:16:46 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys

[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys

[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2007.10.24 04:56:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=224505155EC3E36D7A1F36E446F04C2A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_ecc53ff9\atapi.sys

[2007.10.24 04:56:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=224505155EC3E36D7A1F36E446F04C2A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16584_none_daff695624a08568\atapi.sys

[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2008.02.14 03:07:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys

[2008.02.14 03:07:29 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2007.10.24 05:11:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=BFD3DF48C9ED81934FE21E8E3CFC2496 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_27cad3e5\atapi.sys

[2007.10.24 05:11:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=BFD3DF48C9ED81934FE21E8E3CFC2496 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20707_none_dbe288453d7a8ed6\atapi.sys

[2008.02.14 03:07:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys

[2008.02.14 03:07:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[2007.08.09 03:27:33 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=F3215E5525CE4AC9AF6C835BAE5DAC3A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_2c2f89e5\atapi.sys

[2007.08.09 03:27:33 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=F3215E5525CE4AC9AF6C835BAE5DAC3A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20657_none_dbac76c33da31d64\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2007.11.13 20:03:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe

[2007.11.13 20:03:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe

[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe

[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2007.03.21 13:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\SwSetup\Drivers\32\HDD\iastor.sys

[2007.03.21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\SwSetup\SP36132\iastor.sys

[2007.03.21 13:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys

[2007.03.21 13:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys

[2007.03.21 13:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_5f6e7be5\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys

[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2007.07.27 11:06:02 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[2007.07.27 11:06:02 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll

[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys

[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %USERPROFILE%\*.* >

[2011.12.21 23:07:41 | 000,525,870 | ---- | M] () -- C:\Users\Sven\.recently-used.xbel

[2007.12.27 00:01:44 | 000,000,135 | -H-- | M] () -- C:\Users\Sven\hpothb07.dat

[2007.12.27 00:01:44 | 000,000,000 | -H-- | M] () -- C:\Users\Sven\hpothb07.tif

[2002.03.11 09:45:04 | 001,708,856 | ---- | M] (Microsoft Corporation) -- C:\Users\Sven\instmsia.exe

[2002.03.11 10:06:30 | 001,822,520 | ---- | M] (Microsoft Corporation) -- C:\Users\Sven\instmsiw.exe

[2012.01.31 10:12:32 | 003,932,160 | ---- | M] () -- C:\Users\Sven\ntuser.dat

[2012.01.31 10:12:32 | 000,262,144 | -H-- | M] () -- C:\Users\Sven\ntuser.dat.LOG1

[2010.01.14 01:50:28 | 000,262,144 | -H-- | M] () -- C:\Users\Sven\ntuser.dat.LOG2

[2010.03.19 22:04:22 | 000,065,536 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{49917e28-2222-11df-a6bb-001a4b6665bf}.TM.blf

[2010.03.19 22:04:22 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{49917e28-2222-11df-a6bb-001a4b6665bf}.TMContainer00000000000000000001.regtrans-ms

[2010.02.28 19:18:53 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{49917e28-2222-11df-a6bb-001a4b6665bf}.TMContainer00000000000000000002.regtrans-ms

[2012.01.29 20:52:58 | 000,065,536 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{a16ea852-38af-11df-9042-001a4b6665bf}.TM.blf

[2012.01.29 20:52:58 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{a16ea852-38af-11df-9042-001a4b6665bf}.TMContainer00000000000000000001.regtrans-ms

[2010.03.27 18:58:48 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\ntuser.dat{a16ea852-38af-11df-9042-001a4b6665bf}.TMContainer00000000000000000002.regtrans-ms

[2010.02.28 19:12:57 | 000,065,536 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf

[2010.02.28 19:12:57 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms

[2007.10.09 21:54:24 | 000,524,288 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms

[2007.10.09 10:36:16 | 000,000,020 | -HS- | M] () -- C:\Users\Sven\ntuser.ini

[2009.04.24 16:01:52 | 140,387,071 | ---- | M] () -- C:\Users\Sven\openofficeorg1.cab

[2009.04.24 16:01:34 | 009,819,136 | ---- | M] () -- C:\Users\Sven\openofficeorg31.msi

[2009.04.24 16:02:14 | 000,451,928 | ---- | M] () -- C:\Users\Sven\setup.exe

[2009.12.16 22:39:24 | 000,000,167 | ---- | M] () -- C:\Users\Sven\udownload.dat

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:F768B6EF
 

< End of report >

--- --- ---

Ach so, und den hier habe ich auch noch, falls der hilft:

OTL Extras logfile
OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 31.01.2012 10:12:22 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sven\Desktop\Setup-Dateien

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1014,52 Mb Total Physical Memory | 259,55 Mb Available Physical Memory | 25,58% Memory free

2,24 Gb Paging File | 1,63 Gb Available in Paging File | 72,87% Paging File free

Paging file location(s): ?:\pagefile.sys

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 100,26 Gb Total Space | 40,41 Gb Free Space | 40,31% Space Free | Partition Type: NTFS

Drive E: | 1863,01 Gb Total Space | 1107,18 Gb Free Space | 59,43% Space Free | Partition Type: NTFS

Drive F: | 9,03 Gb Total Space | 1,81 Gb Free Space | 20,03% Space Free | Partition Type: NTFS

 

Computer Name: SVENSKLAPPKISTE | User Name: Sven | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

.wsf [@ = WSFFile] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)

vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)

wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0B42A390-7E2B-431B-B571-A018D876F6E6}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | 

"{24284247-E8D5-4BD9-9C39-507E0284FBD1}" = lport=137 | protocol=17 | dir=in | app=system | 

"{24C8951F-5D62-4E21-8B4D-63F71AB0A9EC}" = lport=445 | protocol=6 | dir=in | app=system | 

"{2D068FEE-3B26-436E-A0F5-8385C0C72881}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{488D5405-8E51-438B-84F6-F29F358C122D}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{74EFC992-B9B2-41EB-AAB2-F35884986CE1}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | 

"{7E1EE02B-2BEA-49A8-A7C4-601A94132FDB}" = lport=9323 | protocol=6 | dir=in | name=ekdiscovery | 

"{841F0BD9-A5DA-4DB0-AD13-574CD00A634E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{892A8148-A7A8-4B27-8FD9-85014CAE3D6C}" = lport=138 | protocol=17 | dir=in | app=system | 

"{92D30716-843A-44A7-AE3C-A79E28817894}" = rport=137 | protocol=17 | dir=out | app=system | 

"{99FEC745-F8AD-4A73-BB62-D561B67EF795}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | 

"{9C6D8C08-F02E-48C4-A3E4-ED6B96BFCC17}" = rport=138 | protocol=17 | dir=out | app=system | 

"{A0EC9442-6390-4DF4-BD24-06EE482815A2}" = rport=445 | protocol=6 | dir=out | app=system | 

"{A6E8C381-3D56-459D-869C-E16CBB28105D}" = rport=139 | protocol=6 | dir=out | app=system | 

"{C0E020F5-9D8C-4A39-90FA-3966E590D0E8}" = lport=139 | protocol=6 | dir=in | app=system | 

"{ED8A93E8-4013-4BD4-8BCC-83E1C84682D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{049D664B-ED85-44EB-8AAC-8E04D4205619}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{195BD0B4-592E-4C3C-8DEE-6BE4881D2AD3}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe | 

"{1A768B55-01BB-40F7-A089-C833C590C72A}" = protocol=6 | dir=in | app=c:\windows\system32\lxcycoms.exe | 

"{295C0CC8-F330-4352-A5AF-230F0967A821}" = protocol=17 | dir=in | app=c:\windows\system32\lxcycoms.exe | 

"{342C9D2C-52F3-4828-9DB5-AAAECD55F1F6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{3EE10A42-C6C3-4092-BC70-058FBC224C5E}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 

"{422C92BF-4E61-401F-8585-1CA53A387880}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{4CD6E7BF-5263-4667-8F90-2DCB0C2E954E}" = protocol=6 | dir=in | app=c:\program files\msi\arcsoft\totalmedia\totalmedia.exe | 

"{58DA1E03-C1E5-47FC-9085-D1030A814C39}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 

"{5A42B89F-C2CF-46FB-869F-29BCE30404E3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{5DB0AF8B-1265-41DF-A273-6B3FEFB05966}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 

"{6814A827-2A50-455E-A94B-19066854B065}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{69A7EAC5-2EC6-4DB1-92D7-294A78CBCEF6}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe | 

"{727E0452-196B-42DB-B23D-2E429B2A3FD1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{744EE6E3-943B-462A-8774-7CC3B34E098F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{757A6142-F3AD-42B6-B6E1-83150DDACC6D}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 

"{76301330-F4B3-4275-9EAD-866DC2E1A579}" = dir=in | app=c:\program files\itunes\itunes.exe | 

"{763E28B0-C613-47D8-943D-520A0D69F796}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | 

"{79542E76-FED4-40D9-93FD-19205454C61F}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{7E15A4F7-983B-4C85-9EFF-33A4F356386B}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 

"{8B1BF235-66F9-4B79-A6AD-A75E108158BD}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 

"{9278C085-B234-4311-BE4D-A58EA511E5DC}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe | 

"{957D4FCF-26CB-4E4F-B18F-8292CA5C1628}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{9F3E8066-CB5D-4F5F-888B-8E5002449A4C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{A14D6DEC-E8A2-439D-823A-43EDB5C3A064}" = protocol=17 | dir=in | app=c:\program files\msi\arcsoft\totalmedia\totalmedia.exe | 

"{A6FBD1F2-3A41-40D9-A111-D0725C8C6A04}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{A70C836A-4AC2-46FF-A4F4-0EF0D25578D9}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{AD73E073-7E0F-4048-A2F1-144AF8BC628E}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 

"{B32F39B9-EB96-49DF-8C8D-9B897A3DF026}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{BA66CD0C-BF30-40A5-9C7F-C7C02645FEA9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{C057C156-394D-43D7-9850-52A0821F5DF7}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | 

"{CA119E95-6D40-4BEC-8971-CF00A25486BA}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{CD629AD8-7639-416B-807B-6C557E479CA9}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe | 

"{DEFA3344-CDCD-4C7A-BF05-2B8D3C0AD711}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{F3CD2E10-42D7-4876-8EBC-F7BA3EFE53C3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 

"TCP Query User{0E4231E5-7139-4A05-9769-44C4F1A0D163}C:\program files\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | 

"TCP Query User{411548D5-890B-4104-8DD6-AC9B3ED8B6E6}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 

"TCP Query User{58A81ACE-85B4-4377-B450-32D35F051F32}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

"TCP Query User{8F56A778-42BD-4B5E-BA4A-20EEC6A1A6D8}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | 

"TCP Query User{94BF9E06-EBA2-4B79-A939-FABFC7AFCC17}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 

"TCP Query User{BB7E1119-7F9E-41CC-83AE-38EBB1C65398}C:\program files\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | 

"TCP Query User{E690E7C8-F1D4-4212-A660-A2307F1BFD84}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 

"TCP Query User{F32944B5-81C5-4C1F-8A6F-A1782D4A5E36}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 

"TCP Query User{F4F4AC21-CB54-4160-B1E0-72F5FE80F3C6}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"UDP Query User{04110D7F-CAA9-4BA1-B3D7-D85B81B963C0}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 

"UDP Query User{0AADE4B5-9A32-4F03-BED3-62F2AC2F92AE}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 

"UDP Query User{251FB962-6746-40FE-BD57-D0D63B9080D9}C:\program files\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | 

"UDP Query User{82C7271B-4D5C-41BA-94C9-AABA2149F7CF}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 

"UDP Query User{8B379C0A-CFAC-4DBB-ACCE-C36163E42E3D}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"UDP Query User{CD3002F5-785C-4134-A370-F928CF5EA500}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | 

"UDP Query User{DC71A5F4-3DD0-4692-B99A-85725263DF37}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 

"UDP Query User{F6FF290B-CDC5-4AEC-892F-60763194DCF4}C:\program files\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | 

"UDP Query User{F96893B3-5690-46F7-9A86-8FED1F2E212E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM

"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt

"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)

"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

"{08823E70-05FD-4CC3-8019-ABE5B85FC8BE}" = Microsoft Photo Info

"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data

"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP

"{1365E84A-F7E7-4B38-A618-950B2ACF2B10}" = Mein Budgetplaner

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II

"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2

"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 29

"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer

"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager

"{32347E43-C68C-423B-9DC8-A22CE16DE0C1}" = MyMicroBalance

"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7

"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9

"{33ED6288-90A4-42BE-A192-C6812B4B945A}" = Andasa Toolbar

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2

"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module

"{3698F5C8-111B-4B92-8F52-3FF6AD8E8F57}" = ESU for Microsoft Vista

"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D13B5F1-8FE4-4829-AA6E-6461D4B0B7E8}" = Motorola Software Update

"{3E00C574-B650-401D-A898-4581AAD6CC74}" = STRATO HiDrive

"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{41977E38-C671-4383-96F2-D2C83A815EB4}" = Vista Default Settings

"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective

"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater

"{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}" = Paragon Partition Manager 9.0 Personal

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E0749BE-A456-40DB-95B0-FA0A1C488190}" = iHoerbuch

"{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour

"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools

"{584B0895-8EF3-4175-8E80-1B68BFA04636}" = HP Help and Support

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer

"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check

"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6

"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components

"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber 

"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client

"{707CF19F-3948-4313-A5D4-9FBC256A2A53}" = Smart Cam Manager

"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = Application Installer 4.00.B14

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7355D6F3-DBA4-4CD4-8FC3-B96FA766B642}" = calibre

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7B63B2922B174135AFC0E1377DD81EC2}" = 

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7CA4EF4B-DB5A-4E2F-81CC-6EE33FC9EF1E}" = HP User Guides 0084

"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support

"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent

"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8CC5F040-44F2-4FB7-9720-47F53F96D180}" = MSCU for Microsoft Vista

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A693D0D0-0EF2-4D90-96AA-11CC1A4793ED}" = UpdateStar

"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4

"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack

"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}" = TSP_CODEC

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AC76BA86-7AD7-5676-5A64-800000000003}" = Adobe Reader Extended Language Support Font Pack

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars

"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes

"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel

"{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}" = HP Easy Setup - Frontend

"{BC35397E-6A05-4E93-8418-1BA7CD2B7AAB}" = BIOS Configuration for HP ProtectTools

"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials

"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library

"{D692E771-F6CC-11D4-83DE-004F4E03F091}" = Zoner Draw 3

"{D6A1E429-CCE1-4140-A615-710B806D12BA}" = Motorola Driver Installation 3.2.0

"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3

"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe  1.6.43.1

"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168

"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager

"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{FA99DC8C-DFFA-410A-B8D6-BCA7F5790B05}" = Radiotracker

"{FF68083C-E11E-4A91-B54B-CD72AB5A0CF5}" = TotalMedia

"0BCA6D24013166B380927D270B90FF6D447A4AAA" = Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports  (06/02/2008 2.0.5.5)

"7-Zip" = 7-Zip 9.14 beta

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Agere Systems Soft Modem" = Agere Systems HDA Modem

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"Andasa Toolbar" = Andasa Toolbar

"Ashampoo WinOptimizer 2010 CBE_is1" = Ashampoo WinOptimizer 2010 CBE

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)

"AudibleDownloadManager" = Audible Download Manager

"Avira AntiVir Desktop" = Avira Free Antivirus

"CCleaner" = CCleaner

"CloneSpy" = CloneSpy 2.41

"ColorPic" = ColorPic

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"DivX Setup" = DivX-Setup

"Edition C" = Edition C

"ElsterFormular für Privatanwender 12.1.1.6214p" = ElsterFormular für Privatanwender

"FBReader for Windows" = FBReader for Windows

"ffdshow_is1" = ffdshow v1.1.3476 [2010-06-15]

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"HijackThis" = HijackThis 2.0.2

"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009

"king.com" = king.com (remove only)

"LAME for Audacity_is1" = LAME v3.98.2 for Audacity

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)

"MyAshampoo Toolbar" = MyAshampoo Toolbar

"OnlineBible" = Online Bible 10.10.08

"Opticon USB Installer" = Opticon USB Drivers Installer

"PagePlace" = PagePlace

"Panel Client_is1" = Panel Client 3.2

"phase5" = phase5

"PreisHai_is1" = PreisHai 4.0

"PROSet" = Intel(R) Network Connections Drivers

"Revo Uninstaller" = Revo Uninstaller 1.88

"ScanIT-Client_is1" = ScanIT-Client 3.2

"Security Task Manager" = Security Task Manager 1.7h

"SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)

"Software Informer_is1" = Software Informer 1.0 BETA

"SubtitleWorkshop" = Subtitle Workshop 2.51

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Trillian" = Trillian

"UnderCoverXP_is1" = UnderCoverXP 1.22

"Winamp" = Winamp

"Winamp Toolbar" = Winamp Toolbar

"WinGimp-2.0_is1" = GIMP 2.4.0

"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment

"WinLiveSuite_Wave3" = Windows Live Essentials

"XiphQT" = Xiph QuickTime Components

"ZipCentral_is1" = ZipCentral 4.01

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Amazon Kindle" = Amazon Kindle

"OnlineBible" = Online Bible 10.10.08

"UnityWebPlayer" = Unity Web Player

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 30.01.2012 07:19:22 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:22 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:23 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:23 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:23 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:23 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:25 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:19:25 | Computer Name = SvensKlappkiste | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 30.01.2012 07:52:57 | Computer Name = SvensKlappkiste | Source = EventSystem | ID = 4609

Description = 

 

Error - 31.01.2012 05:15:32 | Computer Name = SvensKlappkiste | Source = System Restore | ID = 8193

Description = 

 

[ System Events ]

Error - 29.01.2012 15:52:23 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10010

Description = 

 

Error - 30.01.2012 07:13:23 | Computer Name = SvensKlappkiste | Source = Service Control Manager | ID = 7034

Description = 

 

Error - 30.01.2012 07:52:09 | Computer Name = SvensKlappkiste | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 30.01.2012 um 12:49:03 unerwartet heruntergefahren.

 

Error - 30.01.2012 07:52:49 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10005

Description = 

 

Error - 30.01.2012 07:52:57 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10005

Description = 

 

Error - 30.01.2012 07:53:19 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10005

Description = 

 

Error - 30.01.2012 07:53:22 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10005

Description = 

 

Error - 30.01.2012 07:53:24 | Computer Name = SvensKlappkiste | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 30.01.2012 07:53:24 | Computer Name = SvensKlappkiste | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 30.01.2012 08:08:19 | Computer Name = SvensKlappkiste | Source = DCOM | ID = 10005

Description = 

 

 

< End of report >

--- --- ---