| Zuspaet77 | 10.05.2011 19:11 |
Vista Desktopsymbolde verschwunden geht so gut wie nix mehr
Hi Leute hab mir vor 2 tagen nen laptop von kumpel ausgeliehn und nach dem ich ihn anmachte und sein Opera browser benutzen wollte gingen die ganze zeit Fenster auf vom explorer neu gestartet und dann war desktop futsch kann auf viele Programe nicht mehr zu greifen hoffe hier auf schnelle hilfe !!! danke schon mal
OTL Logfile: Code:
OTL logfile created on: 10.05.2011 19:30:34 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = F:\
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 7,50 Gb Free Space | 15,37% Space Free | Partition Type: NTFS
Drive D: | 100,11 Gb Total Space | 57,01 Gb Free Space | 56,94% Space Free | Partition Type: NTFS
Drive F: | 961,72 Mb Total Space | 673,97 Mb Free Space | 70,08% Space Free | Partition Type: FAT
Computer Name: MARKETING-LAP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - F:\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
========== Modules (SafeList) ==========
MOD - F:\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AMService) -- File not found
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AAV UpdateService) -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor) -- D:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- D:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys ()
DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (RemoteControl-USBLAN) -- C:\Windows\System32\drivers\rcblan.sys (Belcarra Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2477383873-555130815-950272694-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{9A611894-845A-4041-8FA9-48C6ADB2BA14}: C:\Users\Administrator\AppData\Local\{9A611894-845A-4041-8FA9-48C6ADB2BA14} [2011.05.05 22:17:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.02 20:41:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.02 20:41:59 | 000,000,000 | ---D | M]
[2011.04.03 21:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2010.01.01 19:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.03.26 14:08:42 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.26 14:08:42 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.26 14:08:42 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.26 14:08:42 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.26 14:08:42 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2477383873-555130815-950272694-500\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [AMService] File not found
O4 - HKU\S-1-5-18..\Run: [AMService] File not found
O4 - HKU\S-1-5-20..\Run: [4E3E0230AEBB4E96] File not found
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [BrowserBallot] C:\Windows\System32\browserchoice.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-MRLS1.exe ()
O7 - HKU\S-1-5-21-2477383873-555130815-950272694-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2477383873-555130815-950272694-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKU\S-1-5-21-2477383873-555130815-950272694-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-2477383873-555130815-950272694-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\bioshock-2-the-sisters-wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\bioshock-2-the-sisters-wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1a7a12b8-5e7f-11e0-9f1a-f227c6c79f67}\Shell\AutoRun\command - "" = J:\csmgho.exe
O33 - MountPoints2\{1a7a12b8-5e7f-11e0-9f1a-f227c6c79f67}\Shell\open\Command - "" = J:\csmgho.exe
O33 - MountPoints2\{c815f2e3-5712-11e0-a9ce-001c234e51de}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{c815f2e3-5712-11e0-a9ce-001c234e51de}\Shell\linuxlive\command - "" = VirtualBox\Virtualize_This_Key.exe
O33 - MountPoints2\{c815f2e3-5712-11e0-a9ce-001c234e51de}\Shell\linuxlive2\command - "" = VirtualBox\VirtualBox.exe
O33 - MountPoints2\{d203706b-5d31-11e0-9dc9-080027005424}\Shell - "" = AutoRun
O33 - MountPoints2\{d203706b-5d31-11e0-9dc9-080027005424}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.05.09 20:43:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Canneverbe Limited
[2011.05.08 19:07:34 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011.05.08 17:32:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011.05.08 17:32:33 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.07 16:55:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.05.07 16:55:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.05.07 16:27:50 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.05.07 16:27:50 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.05.07 16:27:50 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.05.07 16:22:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.05.07 16:21:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.05.07 16:20:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.05.07 16:20:57 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.05.07 16:20:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.05.07 16:20:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.05.07 16:20:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.05.07 16:20:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.05.07 16:20:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.05.07 16:20:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.05.07 16:20:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.05.07 16:20:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.05.07 16:20:51 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.05.07 16:20:51 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.05.07 16:20:51 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.05.07 16:20:51 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.05.07 16:20:51 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.05.07 15:54:56 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.05.07 15:54:48 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.05.07 15:54:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.05.07 15:54:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.05.07 15:54:33 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.05.07 15:53:53 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.05.07 15:53:53 | 000,000,000 | -H-D | C] -- C:\Recycle.Bin
[2011.05.07 15:53:52 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.05.07 15:53:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.05.07 15:53:41 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.05.07 15:53:35 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.05.07 15:53:35 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.05.07 15:45:52 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2011.05.07 15:26:51 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.05.07 15:26:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.05.07 15:26:51 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.07 15:26:50 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.07 15:26:50 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.05.07 15:26:50 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.05.07 15:26:50 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.05.07 15:26:50 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.07 15:26:50 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.07 15:26:49 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.05.07 15:26:48 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.05.07 15:26:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.05.07 15:26:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.05.07 15:26:03 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.05.07 15:26:00 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.07 15:25:58 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.05.07 15:25:58 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.07 15:25:58 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.07 15:25:58 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.07 15:25:58 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.07 15:25:57 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.07 15:25:57 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011.05.07 15:25:42 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.05.07 15:25:40 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.05.07 15:25:33 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.05.07 15:25:24 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011.05.07 15:25:23 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.07 15:25:23 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.07 15:25:16 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.07 15:25:16 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.07 15:25:16 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.05.07 15:25:16 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.07 15:25:16 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.07 15:25:15 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.05.07 15:25:15 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.05.07 15:25:15 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.05.07 15:25:15 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.07 15:25:15 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.07 15:25:15 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.05.07 15:24:58 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.05.07 15:24:58 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.05.07 15:24:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.05.07 15:24:55 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.05.07 15:24:54 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.05.07 15:24:54 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.05.07 15:24:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.05.07 15:24:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.05.07 15:24:52 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2011.05.07 15:24:52 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011.05.07 15:24:30 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.05.07 15:24:30 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.05.07 15:24:30 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.05.07 15:24:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.05.07 15:24:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.05.07 15:23:16 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011.05.07 15:23:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2011.05.07 15:23:15 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011.05.07 15:22:37 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011.05.07 15:22:36 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011.05.07 15:22:36 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011.05.07 15:22:36 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011.05.07 15:22:36 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011.05.07 15:22:36 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011.05.07 15:22:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2011.05.07 15:22:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011.05.07 15:22:08 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2011.05.07 15:22:07 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011.05.07 15:22:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2011.05.07 15:22:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2011.05.07 15:22:06 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011.05.07 15:22:06 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.05.07 15:22:06 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2011.05.07 15:22:06 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011.05.07 15:22:06 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2011.05.07 15:22:06 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2011.05.07 15:21:12 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.05.07 15:21:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.05.07 15:18:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011.05.07 15:14:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011.05.07 15:14:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.05.07 15:12:45 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2011.05.07 15:08:37 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011.05.07 15:04:40 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011.05.07 15:04:40 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.05.07 15:04:40 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011.05.07 15:04:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2011.05.07 15:04:18 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.05.07 15:04:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011.05.07 15:03:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.05.07 15:03:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011.05.07 15:03:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011.05.07 15:03:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011.05.07 15:03:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011.05.07 15:03:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011.05.07 15:03:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011.05.07 15:02:51 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.05.07 15:02:39 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.05.07 15:01:53 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.05.07 15:01:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011.05.07 15:01:21 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011.05.07 15:01:17 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.07 15:01:17 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.07 15:01:17 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.07 15:01:17 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.07 15:01:16 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.07 15:01:16 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.07 15:01:16 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.05.07 15:01:16 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.07 15:01:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.07 15:01:10 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.05.07 15:01:09 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.05.07 15:01:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.05.07 15:01:08 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.05.07 15:01:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.05.07 15:01:07 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.05.07 15:01:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.05.07 14:59:04 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011.05.07 14:59:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.05.07 14:59:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.05.07 14:59:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.05.07 14:58:44 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.05.07 14:58:43 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.05.07 14:58:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.05.07 14:58:26 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.05.07 14:58:26 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.05.07 14:58:21 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.05.07 14:58:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.05.07 11:22:28 | 000,000,000 | -HSD | C] -- C:\found.003
[2011.05.06 18:52:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2011.05.06 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Avira
[2011.05.05 22:17:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{9A611894-845A-4041-8FA9-48C6ADB2BA14}
[2011.05.05 21:32:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Opera
[2011.05.05 21:32:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Opera
[2011.04.23 03:01:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Games
[2011.04.23 02:57:55 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.04.22 05:17:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\MEMENTO
[2011.04.22 04:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dtp entertainment
[2011.04.21 22:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCARON Entertainment
[2011.04.21 22:34:44 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.04.21 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Player Classic
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.05.10 18:32:15 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.10 18:32:15 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.10 18:32:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.10 18:32:07 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2011.05.10 18:32:05 | 3755,966,464 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.10 00:39:12 | 000,240,123 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.05.10 00:39:11 | 000,000,318 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.05.10 00:39:09 | 000,000,262 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.05.10 00:03:59 | 000,001,166 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1376967859-582049725-33702389-1124UA.job
[2011.05.09 23:00:01 | 002,407,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.09 21:26:01 | 000,240,123 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.05.09 21:04:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1376967859-582049725-33702389-1124Core.job
[2011.05.09 20:43:48 | 001,556,992 | ---- | M] () -- C:\Windows\is-MRLS1.exe
[2011.05.09 20:43:48 | 000,025,599 | ---- | M] () -- C:\Windows\is-MRLS1.msg
[2011.05.09 20:43:48 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.05.09 20:43:48 | 000,000,346 | ---- | M] () -- C:\Windows\is-MRLS1.lst
[2011.05.07 15:35:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.05.07 15:35:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011.05.07 03:33:51 | 000,600,112 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.07 03:33:51 | 000,134,200 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.07 03:33:51 | 000,111,740 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.07 03:33:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.06 16:55:57 | 000,000,000 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Xzuxure.bin
[2011.05.06 15:35:31 | 000,000,680 | ---- | M] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat
[2011.05.06 13:54:28 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.05.06 13:54:28 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.05.05 22:17:50 | 000,000,120 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Mkafevedecote.dat
[2011.05.05 21:34:54 | 000,001,574 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.04.23 02:57:55 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.04.21 22:39:28 | 000,000,659 | ---- | M] () -- C:\Users\Administrator\Desktop\ANSTOSS 2007.lnk
[2011.04.21 22:12:38 | 000,247,296 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.09 21:14:03 | 000,000,318 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.05.09 20:43:48 | 001,556,992 | ---- | C] () -- C:\Windows\is-MRLS1.exe
[2011.05.09 20:43:48 | 000,025,599 | ---- | C] () -- C:\Windows\is-MRLS1.msg
[2011.05.09 20:43:48 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.05.09 20:43:48 | 000,001,725 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2011.05.09 20:43:48 | 000,000,346 | ---- | C] () -- C:\Windows\is-MRLS1.lst
[2011.05.08 22:15:39 | 3755,966,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.08 20:38:29 | 000,000,262 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.05.07 16:20:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.05.07 16:20:52 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.05.07 16:20:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.05.07 15:35:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.05.07 15:35:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011.05.07 15:04:40 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011.05.06 14:11:11 | 000,000,680 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat
[2011.05.06 13:54:28 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.05.05 22:17:50 | 000,000,120 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Mkafevedecote.dat
[2011.05.05 22:17:50 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Xzuxure.bin
[2011.05.05 21:34:54 | 000,001,586 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.05.05 21:34:54 | 000,001,574 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.04.21 22:39:28 | 000,000,659 | ---- | C] () -- C:\Users\Administrator\Desktop\ANSTOSS 2007.lnk
[2011.04.03 10:45:50 | 000,001,536 | ---- | C] () -- C:\Windows\EyeCand3.INI
[2011.04.03 08:14:39 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.04.02 23:08:43 | 000,025,773 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\UserTile.png
[2011.04.02 20:42:55 | 000,000,014 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011.03.26 14:15:23 | 000,001,057 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
[2011.03.25 22:18:42 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011.03.25 22:18:42 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011.03.25 22:18:37 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011.03.25 21:42:34 | 000,247,296 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.09 12:08:17 | 000,001,008 | ---- | C] () -- C:\Windows\wininit.ini
[2010.01.01 19:08:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.11.13 23:04:19 | 000,000,478 | ---- | C] () -- C:\Windows\crackpdf.INI
[2009.11.12 17:59:14 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.11.11 04:32:56 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2009.11.11 01:36:34 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.11.10 18:38:37 | 000,940,608 | RHS- | C] () -- C:\Windows\System32\csrcs.exe
[2009.11.10 18:38:37 | 000,940,608 | ---- | C] () -- C:\Windows\System32\73517313.exe
[2009.11.10 18:30:51 | 000,240,123 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.10 18:30:50 | 000,240,123 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.10 18:29:15 | 001,724,416 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2009.11.10 18:29:15 | 001,657,376 | ---- | C] () -- C:\Windows\System32\nwiz.exe
[2009.11.10 18:29:15 | 001,503,232 | ---- | C] () -- C:\Windows\System32\nView.dll
[2009.11.10 18:29:15 | 001,101,824 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2009.11.10 18:29:15 | 000,466,944 | ---- | C] () -- C:\Windows\System32\nvShell.dll
[2009.11.10 18:29:15 | 000,449,056 | ---- | C] () -- C:\Windows\System32\nvAppBar.exe
[2009.11.10 18:29:15 | 000,158,240 | ---- | C] () -- C:\Windows\System32\nvTaskbar.exe
[2009.11.10 07:46:25 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.11.10 07:17:15 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini
[2009.11.10 06:45:39 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.11.10 06:01:05 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.11.10 06:00:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.10 06:00:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.11.10 06:00:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2006.11.02 18:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\System32\sherlock2.exe
[2006.11.02 17:42:41 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:42:41 | 000,134,200 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:42:41 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 17:42:41 | 000,000,000 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 14:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:43 | 002,407,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,600,112 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,111,740 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.07.20 07:09:58 | 000,196,608 | ---- | C] () -- C:\Windows\System32\swfobjs.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:054B9966
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 10.05.2011 19:30:34 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = F:\
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 7,50 Gb Free Space | 15,37% Space Free | Partition Type: NTFS
Drive D: | 100,11 Gb Total Space | 57,01 Gb Free Space | 56,94% Space Free | Partition Type: NTFS
Drive F: | 961,72 Mb Total Space | 673,97 Mb Free Space | 70,08% Space Free | Partition Type: FAT
Computer Name: MARKETING-LAP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002DCAE3-D951-4C89-8EFC-8BBCA1D146B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{083F0A3D-9F7C-4F6A-AAC7-4395D33C27E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C97E82F-2B94-4EF6-9963-ABFF67EF335B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12DDA065-B09A-4244-86CA-1247C1C7D236}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2530413E-A391-4C5E-9D61-6EB40E26182D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48C30369-9468-4D15-B340-ACDCD0C501AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{597DAFAB-A454-4570-AEEA-1D4AD15FE787}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{611040F2-773C-4011-8138-6B6795BFFDA7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{61214288-707E-4D25-9BA3-3ABFF8AA98CC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{69CDCA6C-290D-45FF-A725-5A06498875A0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81F3C232-BEEC-402A-B61E-BD95DDA72E29}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC3E2A04-A457-45E1-9BCE-E9638C3C5032}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{ADC88C81-E6E4-4C93-9434-228F9ABE776F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE44BB83-22C1-47D5-AAB0-CF82DB758AA7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B05F1D4E-9AA3-4D72-91FE-9141F65E4F77}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B578793A-4451-40E2-9D14-BFBD02DEDA46}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C0FF85BF-94EA-486E-AD51-1DC2ACCECDBE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D87A3343-D6B9-458C-89F7-D9FA10F40795}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E4A5228D-2167-46ED-B8D1-521E91890E37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E6A23ADB-99A7-454F-8B2D-01E35D35EF1C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F29D395E-EE78-4CDE-AA97-459CFB66FA92}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{FC3718B3-C196-4E1F-AF9E-5BB6EA618CFC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C16E878-D41D-431C-9FAE-E92A217A6598}" = protocol=6 | dir=out | app=system |
"{178D26CA-0B02-4B99-86BD-FA1AD0CB8655}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{17B50102-0E65-45A9-BECA-843B4E865D44}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{1EB73675-89DB-47D0-AD10-A02A2D93DBFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6BAEC9D5-FA6F-4A6E-A70D-171899FCE73B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DB3EE80-693D-4011-A59C-76E3721B639D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{777F62C1-6DAB-4ADD-971B-452EF867738C}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{82051943-4347-40A8-B156-119303FA5D2C}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{88DF0007-0C94-4224-93F5-B7B82A47227D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7D4F69F-5497-406F-A5B5-DAB357A0F9EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C155431B-FBD2-44E3-B9E8-BBB7AA593C55}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3848D21-BB9A-4C44-BAF9-FF576B8EBA04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D60B92F7-B2F3-401E-A725-121C452EE5E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8DB697C-DBE4-430C-8E79-0D5E1DB162C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D99B66FA-661D-4A31-BFA4-D894E57E4211}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E32CFE5E-A6E5-4A05-BF48-5E8DD6E7BB79}" = protocol=17 | dir=in | app=c:\program files\sonos\sonos.exe |
"{F0B9C30D-BC2B-4933-90CC-6380278B51D1}" = protocol=6 | dir=out | app=system |
"{FA6A1E84-5A14-4ECD-9757-DEC732C974F1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{FCF6E3BC-69B2-41C0-ACC7-1210C9F1432E}" = protocol=6 | dir=in | app=c:\program files\sonos\sonos.exe |
"{FEE7E6A6-2747-41F3-B3D6-CE4AF6ABC774}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1848D14B-6F74-48B4-AEF5-9433D0B525A5}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{2BE9D046-E99E-41B3-85E8-8EA15A9CC92F}C:\program files\sonicwall\sonicwall global vpn client\swgvpnclient.exe" = protocol=6 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvpnclient.exe |
"TCP Query User{5E26A412-F8C9-405E-B765-6CF7FDDD9704}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8649C98D-6926-443D-A08A-4F205D7BA571}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{A98BBA1F-DCA2-4232-909A-7317D47F7960}C:\program files\age of booty\age of booty.exe" = protocol=6 | dir=in | app=c:\program files\age of booty\age of booty.exe |
"TCP Query User{C27A580C-76D9-49D0-9DFE-1200878C38C5}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{FBFD0C85-68B5-4C2E-B4D0-84FF31149C52}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{014C2F24-1890-4353-833F-D29CFDDDF61A}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{0D932268-D1EE-43BE-8546-8E553B249C55}C:\program files\sonicwall\sonicwall global vpn client\swgvpnclient.exe" = protocol=17 | dir=in | app=c:\program files\sonicwall\sonicwall global vpn client\swgvpnclient.exe |
"UDP Query User{352BB706-A7C7-4D95-9E32-D09AD8178E7E}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{74C185FA-8B31-40ED-ABFA-E9953A01DF3D}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{DA61CCFD-3382-4FAF-88F6-BAA2BAF36237}C:\program files\age of booty\age of booty.exe" = protocol=17 | dir=in | app=c:\program files\age of booty\age of booty.exe |
"UDP Query User{EFE1BD91-4688-484E-9EE1-409E04937F03}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{FEA741C6-C8CC-43D5-9B3C-E3C1DC26DE9D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0927890C-3369-42FE-898E-71653057D2BB}_is1" = Age of Booty
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1401311D-3960-4CEB-AC0B-4214F069E5B9}" = Sonos Desktop Controller
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{408CD2E8-3977-449B-8102-76F158D4885F}" = Oracle VM VirtualBox 4.0.4
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{55718B4B90B54F7EADC5621C750A14E6}" = DivX Author 1.5
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}" = QuarkXPress
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{76399B91-C83E-4DC0-BC4F-6352985A29EF}" = Apex Data Loader 17
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_SMALLBUSINESS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_SMALLBUSINESS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_SMALLBUSINESS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_SMALLBUSINESS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_SMALLBUSINESS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_SMALLBUSINESS_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{90120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}" = AKVIS Sketch
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.2.336
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA031DA5-05D0-4937-BD2B-DCEC47A2506B}_is1" = ANSTOSS 2007
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"123 AVI to GIF Converter_is1" = 123 AVI to GIF Converter 3.0
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"Fun Morph_is1" = Fun Morph 3.0
"InstallShield_{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"IsoBuster_is1" = IsoBuster 1.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Standard)
"Licking Dog Screen Clean Screensaver" = Licking Dog Screen Clean Screensaver
"Live 8.0.4" = Live 8.0.4
"Memento Mori_is1" = Memento Mori
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Novation K-Station "factory presets"" = Novation K-Station "factory presets"
"Novation V-Station v1.20-H2O" = Novation V-Station v1.20-H2O
"NVIDIA Drivers" = NVIDIA Drivers
"nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Opera 11.10.2092" = Opera 11.10
"Orion v3.7" = Orion v3.7
"SMALLBUSINESS" = Microsoft Office Small Business 2007
"Total Video Converter 3.02_is1" = Total Video Converter 3.02
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.05.2011 14:04:53 | Computer Name = Marketing-Lap | Source = profsvc | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Das System kann die angegebene Datei nicht finden.
Error - 09.05.2011 14:05:45 | Computer Name = Marketing-Lap | Source = LoadPerf | ID = 3001
Description =
Error - 09.05.2011 14:32:19 | Computer Name = Marketing-Lap | Source = profsvc | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Das System kann die angegebene Datei nicht finden.
Error - 09.05.2011 14:39:04 | Computer Name = Marketing-Lap | Source = LoadPerf | ID = 3001
Description =
Error - 09.05.2011 15:10:17 | Computer Name = MARKETING-LAP | Source = Software Licensing Service | ID = 1001
Description = Fehler beim Starten des Softwarelizenzierungsdienstes. hr=0x80070002,
[2, 4]
Error - 09.05.2011 15:10:20 | Computer Name = MARKETING-LAP | Source = profsvc | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Das System kann die angegebene Datei nicht finden.
Error - 09.05.2011 15:10:32 | Computer Name = Marketing-Lap | Source = profsvc | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Das System kann die angegebene Datei nicht finden.
Error - 09.05.2011 15:18:13 | Computer Name = Marketing-Lap | Source = LoadPerf | ID = 3001
Description =
Error - 09.05.2011 15:25:16 | Computer Name = Marketing-Lap | Source = profsvc | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Das System kann die angegebene Datei nicht finden.
Error - 09.05.2011 15:31:01 | Computer Name = Marketing-Lap | Source = LoadPerf | ID = 3001
Description =
[ OSession Events ]
Error - 07.12.2009 11:53:45 | Computer Name = Kalmanun-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2243
seconds with 780 seconds of active time. This session ended with a crash.
Error - 15.12.2009 03:26:53 | Computer Name = Kalmanun-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:27:46 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7001
Description =
Error - 09.05.2011 18:28:06 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7006
Description =
Error - 09.05.2011 18:28:06 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7006
Description =
Error - 09.05.2011 18:35:13 | Computer Name = Marketing-Lap | Source = Service Control Manager | ID = 7030
Description =
< End of report >
--- --- --- |
