Hallo,
hier die TXT von OTL: Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Reinhard
->Temp folder emptied: 4798260 bytes
->Temporary Internet Files folder emptied: 350563782 bytes
->Flash cache emptied: 794 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9255708 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 348,00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 10162011_131124
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... Und hier die Logfiles des Scan:
OTL Logfile: Code:
OTL logfile created on: 16.10.2011 13:21:48 - Run 6
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,71% Memory free
6,21 Gb Paging File | 4,70 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,08 Gb Free Space | 49,04% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,14 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.15 12:03:01 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011.10.11 14:52:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2011.10.11 14:52:26 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.10 17:36:30 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Reinhard\Downloads\OTL.exe
PRC - [2011.09.14 21:04:59 | 004,611,456 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.30 10:27:50 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.08.19 10:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009.04.10 23:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.09.19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.05.22 10:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.23 09:02:48 | 002,146,840 | ---- | M] (WareCentral.com) -- C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
PRC - [2008.01.21 04:25:26 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
PRC - [2007.02.22 16:04:44 | 000,851,968 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.16 13:18:34 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011.10.16 13:18:34 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.10.10 22:01:18 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.10.10 22:01:18 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
MOD - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
MOD - [2007.03.13 09:35:00 | 000,569,344 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PhoneBrowser.dll
MOD - [2007.03.04 22:45:08 | 000,028,160 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.NLR
MOD - [2007.03.04 22:31:10 | 000,045,056 | ---- | M] () -- C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_ger.NLR
MOD - [2007.02.23 10:22:50 | 000,552,960 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PCSCM.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - [2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot)
DRV - [2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009.12.15 10:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009.12.15 10:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.09.12 06:01:15 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 20:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.26 21:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.05 09:30:28 | 000,242,048 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302)
DRV - [2008.05.08 11:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.09.13 08:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.06.06 13:22:26 | 000,168,576 | ---- | M] (10moons Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tridvid.sys -- (TridVid)
DRV - [2007.05.02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsa.sys -- (nmwcdsa)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacm.sys -- (nmwcdsacm)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacj.sys -- (nmwcdsacj)
DRV - [2007.05.02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsac.sys -- (nmwcdsac)
DRV - [2006.11.28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.12.18 20:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\DScaler\DSDrv4.sys -- (DSDrv4)
DRV - [2002.09.03 19:31:12 | 000,019,296 | ---- | M] (Minolta Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_C.SYS -- (MLPTDR_C)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dict.leo.org/
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2011.08.08 18:42:41 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011.04.27 16:07:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [S60TrayApplication] C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6EE64C0-691D-4DB2-B089-840E422C0194}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4261174-F54D-4EFC-90D8-D987931A9D54}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.10.16 13:11:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.10.15 21:16:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.15 21:15:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.15 21:15:07 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.10.15 21:15:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.15 21:15:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.15 21:15:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.15 09:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.15 09:53:03 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.15 09:52:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.15 09:52:58 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.15 09:52:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.10.15 09:52:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.10.15 09:52:42 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.10.15 09:52:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.10.15 09:36:53 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Avira
[2011.10.15 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.10.15 09:35:27 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.15 09:35:27 | 000,111,160 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.15 09:35:27 | 000,091,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.15 09:35:27 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.15 09:35:27 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.15 09:35:27 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.10.10 22:01:13 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\SUPERAntiSpyware.com
[2011.10.10 22:00:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.10.10 21:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.10 18:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.10 18:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.09 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Malwarebytes
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.09 18:41:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.09 18:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.09 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey-Pro
[2011.10.09 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Warecentral
[2010.10.15 10:11:22 | 001,668,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\NM30.EXE
========== Files - Modified Within 30 Days ==========
[2011.10.16 13:23:09 | 000,704,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.16 13:23:09 | 000,650,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.16 13:23:09 | 000,156,174 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.16 13:23:09 | 000,127,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.16 13:18:11 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.10.16 13:15:52 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.10.16 13:15:42 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 13:15:42 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 13:15:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.16 13:14:19 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.16 13:13:31 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.16 12:59:31 | 000,377,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.15 15:40:43 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.15 12:03:01 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.10.15 11:54:54 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011.10.15 10:56:44 | 000,002,591 | ---- | M] () -- C:\Users\Reinhard\Desktop\Microsoft Office Word 2007.lnk
[2011.10.15 09:40:51 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.10.15 09:40:21 | 000,002,429 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.10.15 09:36:38 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.10 22:00:47 | 000,001,760 | ---- | M] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:56 | 000,158,638 | ---- | M] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:38 | 000,031,909 | ---- | M] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:25 | 000,261,850 | ---- | M] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
========== Files Created - No Company Name ==========
[2011.10.15 11:54:54 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.10.15 09:36:38 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.10 22:00:47 | 000,001,760 | ---- | C] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:47 | 000,158,638 | ---- | C] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 21:14:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.10 21:10:40 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:56 | 000,031,909 | ---- | C] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:28 | 000,261,850 | ---- | C] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
[2011.10.09 17:17:22 | 000,002,429 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.07.17 11:25:44 | 000,004,479 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.07.17 11:25:25 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.04.28 15:58:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.28 15:57:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.27 16:03:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.27 16:03:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.27 16:03:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.27 16:03:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.27 16:03:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.15 09:26:41 | 000,024,206 | ---- | C] () -- C:\Users\Reinhard\AppData\Roaming\UserTile.png
[2010.03.01 22:30:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.10.11 17:46:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\VendorCmdRW.dll
[2009.10.11 17:46:39 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VendorCmdRW.dll
[2009.05.15 20:59:09 | 000,017,408 | ---- | C] () -- C:\Users\Reinhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.11 17:44:53 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.22 12:55:16 | 000,000,617 | ---- | C] () -- C:\Windows\Emu48.ini
[2008.11.10 01:46:04 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.10 01:45:59 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.12 21:41:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.12 06:03:48 | 000,001,670 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.09.12 06:03:25 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2008.09.12 06:03:06 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.09.12 06:03:06 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.09.12 05:56:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2008.09.12 05:56:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2008.09.12 05:54:39 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.09.11 17:12:00 | 000,704,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.09.11 17:12:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.09.11 17:12:00 | 000,156,174 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.09.11 17:12:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.09.11 17:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,377,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,650,552 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,127,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.10.10 14:09:52 | 000,022,040 | ---- | C] () -- C:\Windows\MSTMON_C.INI
[2002.09.03 21:38:42 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MCMM___C.DLL
[2002.09.03 17:38:02 | 000,010,242 | ---- | C] () -- C:\Windows\MSUMLT_C.INI
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2010.09.27 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Canon
[2011.08.04 09:54:46 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Datalayer
[2009.07.25 13:59:23 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PC Suite
[2010.10.15 09:26:41 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PeerNetworking
[2011.08.04 11:49:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Samsung
[2009.05.11 17:44:45 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\ScanSoft
[2010.09.20 20:44:34 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\SQLyog
[2011.08.08 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile
[2011.10.09 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager
[2011.10.16 13:13:31 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:A5B56640
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:06A7F9ED
< End of report > --- --- ---
[/code]
und die Extras:
OTL Logfile: Code:
OTL Extras logfile created on: 16.10.2011 13:21:48 - Run 6
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,71% Memory free
6,21 Gb Paging File | 4,70 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,08 Gb Free Space | 49,04% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,14 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F4CFD2-E1DA-4321-8E38-E5A1C15B688F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{07429F46-517D-4558-BB77-2102DF0AC4A6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{12A22832-A60C-4D40-9B79-7CE446D414C3}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{13F24517-A679-480A-8281-4B94C8CFCC92}" = rport=139 | protocol=6 | dir=out | app=system |
"{14315AEE-9EDC-4179-AE23-992AEE7822A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{14342C58-2D7D-4B98-9EE1-8BDFE096B036}" = rport=5358 | protocol=6 | dir=out | app=system |
"{17F32EB5-47EB-4A25-BC68-F53A0100A974}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{1901E616-DDFA-4B10-8BDD-3AED50F3E06F}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{2043F52E-C031-4B7D-9B7D-EBBC90302A4C}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{209EA8D2-253E-4B80-ADD4-0A5014455AD2}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{23E84EB8-EA38-4083-95F1-CD4453F9A02B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{306F8DD5-045C-4967-8594-A703435FA82E}" = rport=138 | protocol=17 | dir=out | app=system |
"{43810252-DADC-485B-8827-E130BAE3733B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{44A5D88A-21D7-4363-8AD4-FBDAE64E6ED0}" = lport=445 | protocol=6 | dir=in | app=system |
"{45472588-FAC0-47CB-AFD9-63D6BB69FAFD}" = lport=137 | protocol=17 | dir=in | app=system |
"{45491F36-811B-466A-A44D-4CFD2F792F23}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{484B02A4-7099-490F-A89D-F631DAAC5B96}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4A7D91CE-11C1-4456-BD92-2D38DF8050DB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4BF367EB-4124-465C-8DB0-7DE190A817D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D3C5B61-FB12-4C5A-826A-1B89894ADB02}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{4D62F391-020D-4945-8669-C3C5B55696B9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{68EDB7CD-9198-4827-82CC-43C13D1607AB}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0970F8-EF4B-497A-B36E-B3DCAC03A14B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7282780A-3655-40D1-AA88-6F97B2EBDC66}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7ADC6558-348E-431A-91C8-CBCD109AB739}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{8AB16911-0D7B-41C8-977D-44BC5C4BE206}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B016B59-AE6A-4DD9-AE33-2BDB635F60FB}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{8CA2B3BF-01CF-4182-BDF1-89A96DA9BB0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EEA17F3-031A-48A3-9803-0AB37234ED96}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8F0C27DC-B7FB-4E4C-A93D-B81AE62C55C1}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A134E267-D1DC-4A49-9EF6-62F63F0A248A}" = lport=5358 | protocol=6 | dir=in | app=system |
"{C078CEAB-9E2C-4AA7-BF39-41191040A91F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CD97FB65-BE4A-4E4F-8670-A5511B9A207D}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF35A2C2-F78B-4BD9-B318-DD07F89D9ADB}" = rport=445 | protocol=6 | dir=out | app=system |
"{DFD72D7D-8E3A-4845-B3FF-C8D14BA5D255}" = lport=5357 | protocol=6 | dir=in | app=system |
"{E248DC6D-01A3-4C13-8C37-CD4673FB0046}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E5E99007-82B8-4FF4-87BA-352B2CAA4D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAA3D75C-C09B-4919-B619-49A17907D068}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFC56220-B481-4260-88A3-AD02CA29754B}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03187831-040B-44A4-9736-02C38C1175DD}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06616141-AD25-4946-8AD7-22D796ED55F7}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{105FFEB6-74D9-4253-A6E8-EC096D00EE03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1F1EE647-BE75-41B0-9974-24C120279376}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{342C74D2-36AE-455E-8FD9-C95AAD9757C2}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{3BF2DFFC-1A48-4DDC-A610-170290D25E3C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4330FEF9-005E-4ADA-AED6-9E051E805897}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{4D30629D-C6F5-47DC-8884-18EAF7FF2FDD}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{50143D51-CA3A-48A4-909D-B14410CDD2E6}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5438BF79-A844-42C8-939B-645940C7F66D}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{5BE67C95-876A-4186-8A53-97723EF0EBA1}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{5E163527-D76A-4529-BC27-9474CF23F98D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C0E090D-EE3D-48FF-A7D5-1391FFAA64B7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6C83C152-E86F-416B-A6D9-AFF1EBAFE1F5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7C3BA603-D923-4D24-B17E-7A67B5501C91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{830E78B9-B9CD-4D48-8BFD-CE3F8FA024F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{849076A7-8A1B-4429-BA29-B29387A77092}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AD7B7FCA-4E93-47AF-A265-9F2049E21129}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{B0E7BF0A-24B4-4C0A-8DD8-E0F6648C7A3C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA5CDCDB-FD58-4D93-971C-3C95AE247306}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D9B572E9-452B-4917-B48D-8652376E6B01}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04FB8FC-F1BD-4B04-8917-99E54A2B47BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0384A7C1-0456-4656-8CE1-A258744A1B4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{14A71445-7880-40EE-B82A-8CD05C450833}C:\program files\netmeeting\conf.exe" = protocol=6 | dir=in | app=c:\program files\netmeeting\conf.exe |
"TCP Query User{3D276480-86C2-4782-93AC-7DB73206E0B3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{36026129-07A6-4219-813D-EF35855716C2}C:\program files\netmeeting\conf.exe" = protocol=17 | dir=in | app=c:\program files\netmeeting\conf.exe |
"UDP Query User{525DD375-282A-4C07-AF19-A23163D1EE0E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B3E18432-1B7C-481F-A5D8-3DCD48EB0FC7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FD5F102-362D-45A9-9173-D83189FFE1DA}" = MySQL Server 5.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412AACB5-057F-465D-A542-A5A457106EE3}" = Driver Setup
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5EFA4EA3-0604-458C-A06D-485F6B2724C9}" = PrintKey-Pro v1.05
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F9C77FF-C017-4B12-BA71-A3A53BD52775}_is1" = AnyBizSoft PDF Converter (Build 2.5.0)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C99A1F39-7A23-4BC9-BF0D-B41D4013CF37}" = Samsung PC Studio 7
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E46DA48B-B621-4D42-8E70-7D64E365F3D2}" = FreeRIP Toolbar v4.5
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Internet Security 2012
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Canon MP520 series Benutzerregistrierung" = Canon MP520 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"DScaler 4.1.15_is1" = DScaler 4.1.15
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emu48" = Emu48
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FFDia_is1" = FFDia 1.00
"FixFoto MultiProzessor_is1" = FixFoto 2.91
"Google Chrome" = Google Chrome
"InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MINOLTA-QMS PagePro 1200W" = MINOLTA-QMS PagePro 1200W
"MonochromiX_is1" = MonochromiX 1.31 MultiProzessor
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NetMeeting" = NetMeeting 3.01
"NVIDIA Drivers" = NVIDIA Drivers
"PrintKey2000" = PrintKey2000
"ProInst" = Intel PROSet Wireless
"SQLyog Community" = SQLyog Community 8.12
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.08.2011 16:27:25 | Computer Name = Reinhard-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung wmplayer.exe, Version 11.0.6002.18311, Zeitstempel
0x4c8e2d72, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0xd86102c7, Prozess-ID 0x156c, Anwendungsstartzeit
01cc5c0c6203d110.
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6 For more information, see Help
and Support Center at hxxp://www.mysql.com.
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting For more information, see Help and Support Center at hxxp://www.mysql.com.
Error - 20.08.2011 11:38:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6 For more information, see Help
and Support Center at hxxp://www.mysql.com.
Error - 20.08.2011 11:38:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting For more information, see Help and Support Center at hxxp://www.mysql.com.
Error - 20.08.2011 11:39:36 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.08.2011 12:56:13 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6 For more information, see Help
and Support Center at hxxp://www.mysql.com.
Error - 20.08.2011 12:56:13 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting For more information, see Help and Support Center at hxxp://www.mysql.com.
Error - 20.08.2011 12:57:29 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 17.06.2011 21:21:03 | Computer Name = Reinhard-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27858
seconds with 420 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 30.07.2009 13:09:08 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31.07.2009 04:55:01 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
Error - 31.07.2009 04:55:17 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 31.07.2009 04:56:23 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31.07.2009 05:07:32 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
Error - 31.07.2009 05:08:06 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 31.07.2009 05:08:22 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.08.2009 15:44:51 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
Error - 01.08.2009 15:45:08 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 01.08.2009 15:46:01 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report > --- --- ---
[/code]
viele Grüße
Reinhard |