Hallo Kira,
hier meine Logfiles:
zu 1. OTL-Fix: Code:
All processes killed
========== OTL ==========
Service thhdwjb stopped successfully!
Service thhdwjb deleted successfully!
File System32\drivers\uqlyo.sys not found.
========== FILES ==========
C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Vyqaa folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Privat\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Privat\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: +++
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Geschäft
->Temp folder emptied: 588240 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: guest
->Temp folder emptied: 589018 bytes
->Temporary Internet Files folder emptied: 49152 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: ----
->Temp folder emptied: 589018 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Privat
->Temp folder emptied: 11390325 bytes
->Temporary Internet Files folder emptied: 5751297 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 506 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 291792 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 18,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11062012_174945
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
zu 2.
die Dateien habe ich umbenannt und der Rechner läuft noch...
zu 3 OTL-Scan:
OTL: Code:
OTL logfile created on: 06.11.2012 19:44:38 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Privat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,97 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 75,66% Memory free
3,81 Gb Paging File | 3,25 Gb Available in Paging File | 85,11% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 293,47 Gb Total Space | 67,67 Gb Free Space | 23,06% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 358,15 Gb Free Space | 76,90% Space Free | Partition Type: NTFS
Computer Name: OFFICE01 | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.11.04 13:34:53 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.11.02 14:10:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.09 10:43:34 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2012.05.14 13:41:45 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.14 13:41:44 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.14 13:41:44 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.14 13:41:44 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.14 13:41:44 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.11.08 11:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Programme\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2011.06.29 15:16:30 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
PRC - [2010.06.30 10:32:02 | 001,024,000 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWA-140 revB\AirNCFG.exe
PRC - [2010.06.03 13:36:06 | 000,122,880 | ---- | M] (Wireless Service) -- C:\Programme\D-Link\DWA-140 revB\WZCSLDR2.exe
PRC - [2010.06.03 13:36:06 | 000,053,248 | ---- | M] () -- C:\Programme\D-Link\DWA-140 revB\ANIWConnService.exe
PRC - [2009.11.05 09:25:53 | 002,326,912 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
PRC - [2009.09.02 09:52:14 | 000,064,064 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2009.08.28 16:55:42 | 000,357,936 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2009.08.28 16:55:38 | 000,661,072 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2009.08.28 16:55:10 | 005,078,416 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.07.13 14:15:38 | 000,396,960 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
PRC - [2009.06.12 10:55:48 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Lenovo\System Update\SUService.exe
PRC - [2009.06.12 00:10:18 | 000,503,808 | ---- | M] () -- C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe
PRC - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.12.31 14:23:58 | 000,147,456 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\PELMICED.EXE
PRC - [2008.12.24 17:16:48 | 000,065,536 | ---- | M] (TPMX Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2008.11.24 14:42:44 | 001,155,072 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
PRC - [2008.11.24 14:34:02 | 000,520,192 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2008.10.09 10:05:16 | 000,360,448 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe
PRC - [2008.09.26 12:24:36 | 000,040,960 | ---- | M] () -- C:\Programme\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2008.06.13 16:29:44 | 000,746,808 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2003.11.06 23:51:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\FSRremoS.EXE
========== Modules (No Company Name) ==========
MOD - [2012.07.01 13:45:22 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.05.14 13:41:45 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.05.11 22:49:27 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 22:49:18 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 22:49:06 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011.12.02 14:35:43 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANPDApi.dll
MOD - [2010.06.29 17:23:40 | 000,299,008 | ---- | M] () -- C:\Programme\D-Link\DWA-140 revB\wlanapp.dll
MOD - [2010.06.03 13:36:06 | 000,053,248 | ---- | M] () -- C:\Programme\D-Link\DWA-140 revB\ANIWConnService.exe
MOD - [2009.11.04 11:49:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009.10.06 14:36:56 | 000,205,312 | ---- | M] () -- C:\Programme\StarMoney 7.0 S-Edition\ouservice\patchw32.dll
MOD - [2009.09.02 09:52:14 | 000,064,064 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
MOD - [2009.07.13 14:15:38 | 000,396,960 | ---- | M] () -- C:\WINDOWS\system32\ATWTUSB.EXE
MOD - [2009.06.12 00:10:18 | 000,503,808 | ---- | M] () -- C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe
MOD - [2009.05.11 19:00:12 | 000,143,872 | ---- | M] () -- C:\WINDOWS\system32\SaXPWIA.dll
MOD - [2009.05.11 19:00:08 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\SaXPSTI.dll
MOD - [2009.05.11 19:00:06 | 000,116,736 | ---- | M] () -- C:\WINDOWS\system32\SaXPIPH.dll
MOD - [2009.05.11 19:00:04 | 000,139,776 | ---- | M] () -- C:\WINDOWS\system32\SaXPEH.dll
MOD - [2008.11.24 14:34:02 | 000,520,192 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
MOD - [2008.11.24 14:28:58 | 000,139,264 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2008.09.26 12:24:36 | 000,040,960 | ---- | M] () -- C:\Programme\Lenovo\FanSpeedControl\LenovoFSC.exe
MOD - [2008.06.26 20:46:08 | 001,384,520 | ---- | M] () -- C:\WINDOWS\twain_32\Samsung\CLX3170\SSOle.dll
MOD - [2008.06.26 20:45:14 | 000,367,104 | ---- | M] () -- C:\WINDOWS\twain_32\Samsung\CLX3170\NetModule.dll
MOD - [2008.06.26 20:45:06 | 000,155,648 | ---- | M] () -- C:\WINDOWS\twain_32\Samsung\CLX3170\IMFilter.dll
MOD - [2008.05.23 10:40:12 | 000,028,672 | ---- | M] () -- C:\Programme\Lenovo\FanSpeedControl\SpioDll.dll
MOD - [2007.12.27 16:38:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\SamFaxPort.dll
MOD - [2007.08.14 02:01:17 | 000,022,723 | ---- | M] () -- C:\WINDOWS\system32\sst1cl3.dll
MOD - [2007.06.18 15:28:44 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2003.11.06 23:51:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\FSRremoS.EXE
========== Services (SafeList) ==========
SRV - [2012.11.04 13:34:53 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.10.09 11:46:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.14 13:41:45 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.14 13:41:44 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.14 13:41:44 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.14 13:41:44 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.08 11:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Programme\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate)
SRV - [2011.06.29 15:16:30 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe -- (Lexware_Professional_Datenbank)
SRV - [2010.06.03 13:36:06 | 000,126,976 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\D-Link\DWA-140 revB\ANIWZCSdS.exe -- (D-Link Wireless N DWA-140)
SRV - [2010.06.03 13:36:06 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Programme\D-Link\DWA-140 revB\ANIWConnService.exe -- (D-Link Wireless N DWA-140_WPS)
SRV - [2009.11.05 09:25:53 | 002,326,912 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.09.02 09:52:14 | 000,064,064 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009.08.28 16:55:38 | 000,661,072 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.07.13 14:15:38 | 000,396,960 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ATWTUSB.EXE -- (WTService)
SRV - [2009.06.12 10:55:48 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.03.05 10:07:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\WINDOWS\system32\ykx32mpcoinst.dll -- (yksvc)
SRV - [2008.11.24 14:42:44 | 001,155,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2008.11.24 14:34:02 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.10.09 10:05:16 | 000,360,448 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008.06.13 16:29:44 | 000,746,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2008.04.25 07:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008.04.25 07:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008.04.25 07:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008.04.25 07:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008.04.25 07:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.24 06:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007.01.31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igxpmp32.sys -- (ialm)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.05.14 13:41:45 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.14 13:41:45 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.02 14:35:43 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANPD.SYS -- (ANPD)
DRV - [2011.10.19 17:10:05 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.06 17:35:04 | 000,829,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Drt2870.sys -- (rt2870)
DRV - [2009.11.05 09:25:54 | 000,152,704 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2009.11.05 09:25:52 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm251.sys -- (tdrpman251)
DRV - [2009.11.05 09:25:51 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2009.11.05 09:25:46 | 000,156,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2009.06.30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009.04.17 04:17:54 | 000,006,144 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.03.08 20:15:14 | 000,006,144 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2009.03.05 10:07:00 | 000,296,320 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008.09.09 11:07:36 | 004,813,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.07.16 09:12:02 | 000,037,184 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008.07.11 03:48:00 | 000,046,144 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008.04.09 22:40:06 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2008.03.06 13:33:50 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\spio.sys -- (SuperIO)
DRV - [2007.10.22 07:55:46 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.18 15:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007.06.18 15:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.06.18 15:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.06.18 15:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.06.18 15:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.06.18 15:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.06.18 15:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.06.18 15:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.05.07 01:00:00 | 000,566,784 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fus2base.sys -- (fus2base)
DRV - [2007.05.07 01:00:00 | 000,053,632 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avmcowan.sys -- (AVMCOWAN)
DRV - [2007.05.03 10:19:16 | 000,066,472 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\avmport.sys -- (AVMPORT)
DRV - [2007.02.08 19:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.02.08 19:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006.10.31 18:07:00 | 000,019,818 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pelps2m.sys -- (pelps2m)
DRV - [2006.10.14 09:56:46 | 000,014,592 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2006.09.14 10:48:58 | 000,016,768 | ---- | M] (Primax Electronics Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PELMouse.SYS -- (pelmouse)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {492F832E-3F8C-4403-9F62-54674CF62603}
IE - HKLM\..\SearchScopes\{492F832E-3F8C-4403-9F62-54674CF62603}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-83021288-664690563-2488598934-1012\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-83021288-664690563-2488598934-1012\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hotmail.com/
IE - HKU\S-1-5-21-83021288-664690563-2488598934-1012\..\SearchScopes,DefaultScope = {492F832E-3F8C-4403-9F62-54674CF62603}
IE - HKU\S-1-5-21-83021288-664690563-2488598934-1012\..\SearchScopes\{492F832E-3F8C-4403-9F62-54674CF62603}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-83021288-664690563-2488598934-1012\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009.11.05 09:32:37 | 000,350,739 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12022 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-83021288-664690563-2488598934-1012\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-83021288-664690563-2488598934-1012\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O4 - HKLM..\Run: [3170 Scan2PC] C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-140] C:\Programme\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LenovoFSC] C:\Programme\Lenovo\FanSpeedControl\LenovoFSC.exe ()
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (TPMX Electronics Ltd.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TblMouse] TblMouse.exe File not found
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWA-140 revB\WZCSLDR2.exe (Wireless Service)
O4 - HKU\S-1-5-21-83021288-664690563-2488598934-1012..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-83021288-664690563-2488598934-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: SmarThru4 Als HTML speichern - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Programme\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257333491031 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E9842B8-9114-472B-A041-59FF5317CB02}: NameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.22 08:01:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.07.23 10:20:05 | 000,000,000 | RH-D | M] - I:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.06 17:20:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Privat\Recent
[2012.11.06 07:36:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\Help
[2012.11.06 07:36:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Help
[2012.11.04 19:50:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2012.11.04 13:35:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.11.04 13:35:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.11.04 13:35:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.11.04 13:35:15 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.04 13:35:15 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.04 13:35:15 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.04 13:35:07 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.04 13:35:07 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.04 13:35:07 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.04 12:53:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012.11.03 12:39:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.02 14:46:49 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2012.11.02 14:10:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe
[2012.11.02 12:29:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.11.02 12:29:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.11.02 12:29:33 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.11.01 15:12:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Eigene Dateien\Virenbehebung
[2012.10.28 13:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Diic.Bad
[2012.10.28 13:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Algue.Bad
[2012.10.28 13:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Suro.Bad
[2012.10.28 13:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Rypoil.Bad
[2012.10.28 13:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Etuwt.Bad
[2012.10.22 11:13:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\dbSammel
[2012.10.22 11:13:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Schneider Electric
[2012.10.22 11:13:07 | 000,000,000 | ---D | C] -- C:\Schneider Electric
[2012.10.19 13:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\cityguide
[2012.10.18 08:12:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\TeamViewer
[2012.01.27 16:59:58 | 000,070,553 | ---- | C] (Open Source Software community project) -- C:\Dokumente und Einstellungen\Privat\pthreadGC2.dll
[2009.11.06 17:07:41 | 000,233,004 | ---- | C] (UltraVnc) -- C:\Programme\support.exe
[2009.11.04 11:05:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\tweakui.exe
[2 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.06 19:46:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.06 19:46:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2B5EECB6-BD8F-46B1-B092-D59D15C00F4A}.job
[2012.11.06 19:23:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.06 18:30:41 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.06 18:30:26 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.11.06 18:28:48 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.06 18:28:43 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.06 18:28:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.06 13:53:24 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B39DEEF8-5B39-471D-99D9-0F3E5650DC91}.job
[2012.11.05 18:32:12 | 000,089,088 | ---- | M] () -- C:\WINDOWS\System32\mbr.exe
[2012.11.05 09:23:40 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Desktop\vid2cdsj.exe
[2012.11.05 09:00:56 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.11.04 13:45:36 | 000,023,026 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Eigene Dateien\cc_20121104_134512.reg
[2012.11.04 13:34:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.04 13:34:53 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.04 13:34:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.04 13:34:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.04 13:34:53 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.04 13:34:53 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.04 12:48:12 | 000,001,720 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2012.11.04 11:04:36 | 000,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Desktop\Word 2007.lnk
[2012.11.03 12:39:04 | 000,506,604 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.03 12:39:04 | 000,484,710 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.03 12:39:04 | 000,096,426 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.03 12:39:04 | 000,080,724 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.02 14:46:49 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.11.02 14:10:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Privat\Desktop\OTL.exe
[2012.11.02 12:29:35 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.01 15:16:09 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\defogger_reenable
[2012.10.29 19:32:17 | 000,012,280 | ---- | M] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\SmarThruOptions.xml
[2012.10.22 11:13:11 | 000,000,202 | ---- | M] () -- C:\WINDOWS\PS25.ini
[2012.10.09 11:46:32 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.09 11:46:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.05 18:32:12 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\mbr.exe
[2012.11.05 09:23:39 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Desktop\vid2cdsj.exe
[2012.11.04 13:45:34 | 000,023,026 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Eigene Dateien\cc_20121104_134512.reg
[2012.11.04 12:48:12 | 000,001,720 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2012.11.04 12:48:11 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2012.11.02 14:46:49 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.11.02 12:29:35 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.01 15:16:09 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\defogger_reenable
[2012.10.22 11:13:11 | 000,000,202 | ---- | C] () -- C:\WINDOWS\PS25.ini
[2012.02.27 09:41:52 | 000,202,240 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2012.02.27 09:40:44 | 000,304,128 | ---- | C] () -- C:\WINDOWS\System32\LxDNT100.dll
[2012.02.27 09:38:36 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\LxDNTvmc100.dll
[2012.02.27 09:38:18 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\LxDNTvm100.dll
[2012.02.15 09:22:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.27 16:59:58 | 005,794,304 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\ffmpeg.exe
[2012.01.27 16:59:58 | 005,763,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\ffplay.exe
[2012.01.27 16:59:58 | 000,320,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\SDL.dll
[2012.01.17 18:57:50 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012.01.09 22:25:06 | 000,000,230 | ---- | C] () -- C:\WINDOWS\FkInventur40.INI
[2012.01.01 21:12:05 | 015,530,309 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\BH_20120101211205_DUE.zip
[2011.12.13 12:36:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.02 14:35:43 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANPDApi.dll
[2011.12.02 14:35:43 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANPD64.SYS
[2011.12.02 14:35:43 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANPD.SYS
[2011.12.02 14:34:48 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011.08.22 10:22:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.08.22 10:22:38 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.08.22 10:22:27 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\$_hpcst$.hpc
[2011.05.13 09:03:16 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2011.05.13 09:01:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2011.05.13 09:01:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2011.03.01 11:10:03 | 000,484,700 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Eingescannt mit 01.03.2011 11-05.pdf
[2011.02.15 10:44:22 | 000,008,771 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\.recently-used.xbel
[2010.09.22 13:46:52 | 000,011,120 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\slot1.mm1
[2010.09.05 12:28:43 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\rx_image32.Cache
[2010.01.23 20:03:36 | 000,012,280 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\SmarThruOptions.xml
[2009.11.25 22:40:44 | 000,022,261 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Kommagetrennte Werte (DOS).ADR
[2009.11.25 22:38:42 | 000,024,971 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Microsoft Access 97-2003.ADR
[2009.11.25 19:15:47 | 000,000,354 | ---- | C] () -- C:\Programme\Komplett-Backup.bat
[2009.11.07 09:36:28 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Privat\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2008.07.22 08:05:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009.11.30 18:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DesktopPwrMgr
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Downloaded Installations
[2009.11.06 16:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FRITZ!
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lenovo
[2009.11.25 16:40:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lexware
[2009.11.05 09:26:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2012.04.12 18:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alawar
[2012.10.13 09:34:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper
[2010.10.06 10:34:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2012.10.02 17:25:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CrioGames
[2012.01.01 20:40:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DownloadManager
[2010.09.06 17:07:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Emberwind
[2012.05.14 17:40:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FUJIFILM
[2012.01.14 16:48:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Happyville__
[2012.09.25 18:29:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HipSoft
[2010.09.25 13:09:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2011.10.05 10:52:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InterAction studios
[2009.11.06 15:40:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2012.08.05 11:08:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Islands
[2010.07.31 11:59:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iWin
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2012.11.06 14:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2009.11.27 19:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Software
[2011.08.22 10:34:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.08.12 14:47:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC-Doctor
[2009.11.28 12:46:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr
[2012.06.05 12:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rionix
[2012.07.16 14:37:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpinTop Games
[2011.12.30 10:01:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SQL Anywhere 11
[2010.02.09 15:29:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarMoney 7.0
[2009.08.12 14:38:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SuperIO
[2010.02.15 18:49:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tablet
[2010.07.27 18:39:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.08.12 14:43:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Uninstall
[2012.07.28 17:34:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WeatherLord
[2010.04.07 10:31:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\+++\Anwendungsdaten\Acronis
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\+++\Anwendungsdaten\Downloaded Installations
[2009.11.06 15:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\+++\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\+++\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\+++\Anwendungsdaten\Lenovo
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Acronis
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Downloaded Installations
[2009.11.06 15:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Lenovo
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Acronis
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Downloaded Installations
[2009.11.06 15:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Lenovo
[2009.12.12 10:25:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Acronis
[2011.06.30 11:36:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Alawar
[2012.08.27 13:35:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Boolat Games
[2009.11.28 12:44:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\DesktopPwrMgr
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Downloaded Installations
[2009.11.06 15:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Leadertech
[2012.06.26 18:03:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\LegacyGames
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Lenovo
[2010.09.01 15:37:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\Lexware
[2011.09.04 16:25:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\PC Suite
[2011.09.04 17:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Geschäft\Anwendungsdaten\YoudaGames
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Acronis
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Downloaded Installations
[2009.11.06 15:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Lenovo
[2012.06.30 17:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Lexware
[2012.06.18 10:31:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\PC Suite
[2012.07.13 14:52:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\playmink
[2012.08.11 11:14:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\Sahmon Games
[2012.07.01 14:26:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\guest\Anwendungsdaten\YoudaGames
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Acronis
[2012.04.16 10:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Alawar
[2012.08.26 19:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Boolat Games
[2009.11.28 12:29:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\DesktopPwrMgr
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Downloaded Installations
[2010.10.07 17:34:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Friday's games
[2009.11.09 18:52:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Leadertech
[2012.06.26 15:43:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\LegacyGames
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Lenovo
[2009.11.06 17:19:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Lexware
[2011.09.05 18:04:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\PC Suite
[2010.10.07 12:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\PeaceCraft2
[2012.08.11 14:55:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Sahmon Games
[2011.04.11 12:08:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\SmarThru4
[2011.10.19 09:00:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\YoudaGames
[2010.10.15 12:14:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\----\Anwendungsdaten\Zylom
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Acronis
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Downloaded Installations
[2009.11.10 14:55:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FRITZ!
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Lenovo
[2009.11.06 17:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Lexware
[2011.12.19 21:34:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\1&1 Mail & Media GmbH
[2009.11.05 18:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Acronis
[2012.10.28 20:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Algue.Bad
[2010.01.25 18:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Cornelsen
[2010.08.27 11:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\DataDesign
[2009.11.28 14:42:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\DesktopPwrMgr
[2012.10.28 17:45:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Diic.Bad
[2009.08.12 14:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Downloaded Installations
[2012.10.29 11:22:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Etuwt.Bad
[2009.11.07 10:09:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\FRITZ!
[2010.12.19 23:10:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\gtk-2.0
[2011.07.24 17:21:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\HdO Adventure
[2010.08.25 08:34:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\IBAGroup
[2010.01.19 20:08:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\InterVideo
[2010.07.31 11:59:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\iWin
[2009.11.06 17:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\klickTel
[2009.11.04 10:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Leadertech
[2009.08.12 14:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Lenovo
[2011.03.03 08:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Lexware
[2010.08.26 09:20:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Magic3
[2010.12.04 18:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Merscom
[2011.09.03 13:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\PathToSuccess_DE
[2011.08.22 10:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\PC Suite
[2010.05.10 11:07:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Peace Craft
[2010.10.07 21:03:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\PeaceCraft2
[2010.07.01 17:05:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\RTS
[2012.10.28 13:48:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Rypoil.Bad
[2011.08.22 10:22:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Samsung
[2010.07.21 16:44:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Settlement. Colossus
[2010.01.23 20:03:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\SmarThru4
[2012.10.29 11:20:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Suro.Bad
[2012.10.18 08:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\TeamViewer
[2010.09.15 13:59:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\TheFixerUpper
[2010.11.28 13:26:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\Total Eclipse
[2012.07.28 17:34:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Privat\Anwendungsdaten\WeatherLord
========== Purity Check ==========
< End of report >
Extras: Code:
OTL Extras logfile created on: 06.11.2012 19:44:38 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Privat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,97 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 75,66% Memory free
3,81 Gb Paging File | 3,25 Gb Available in Paging File | 85,11% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 293,47 Gb Total Space | 67,67 Gb Free Space | 23,06% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 358,15 Gb Free Space | 76,90% Space Free | Partition Type: NTFS
Computer Name: OFFICE01 | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-83021288-664690563-2488598934-1012\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe:*:Enabled:Net_ScanToPC MFC ?? ???? -- ()
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\WINDOWS\twain_32\Samsung\ScanMgr.exe" = C:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger -- (Samsung Electronics)
"C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe:*:Enabled:ScanToPC -- ()
"C:\Programme\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe" = C:\Programme\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe:*:Enabled:StarMoney 7.0 OnlineUpdate -- (Star Finanz - Software Entwicklung und Vertriebs GmbH)
"C:\Programme\StarMoney 7.0 S-Edition\app\StarMoney.exe" = C:\Programme\StarMoney 7.0 S-Edition\app\StarMoney.exe:*:Enabled:StarMoney 7.0 -- (Star Finanz - Software Entwicklung und Vertriebs GmbH)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe" = C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:Enabled:Lexware Datenbank Server -- (iAnywhere Solutions, Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0197D136-598D-4968-BEEA-91C1B764F05D}" = Lexware buchhalter 2012
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{225C12AE-BB37-4EE3-8935-583E2F0E6644}" = Lexware reisekosten 2009
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Drag-to-Disc
"{3038FB8F-5761-4215-AE14-9C73E530731C}" = Lexware Admintools Pro
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4355A936-8F9A-43A8-A749-2FDAE0A62DD2}" = StarMoney 7.0 S-Edition
"{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = RAW Image Task 1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Small Business Edition
"{560247B5-5AAD-43D7-B1C0-D77C5EAEE8CE}" = Canon Camera WIA Driver
"{594F2715-6CFC-4D72-A537-61D89F477085}" = Lexware reisekosten 2009
"{62B7C52C-CAB6-48B1-8245-52356C141C92}" = RENESIS® Player Browser Plugins
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6B54B1AE-EBCA-48BE-92AF-61D02118F093}" = Lexware online banking
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{7A70FCC4-E09F-45CE-ADB5-C208CEBF0A82}" = Servicepack Datumsaktualisierung
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{906CA2E5-5933-4DFE-AC9F-C45C0811F4E7}" = Lexware Elster
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Camera Window DS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E3BC634-769E-4847-9530-E22433D13E45}" = FanSpeedControl
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkVantage Energie-Manager
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6EB7944-7C6A-4AFD-9539-19B88CBC409D}" = StarMoney
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{B388231D-672A-4169-A3DF-BD80266252AB}" = StarMoney
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2E95FA0-C8E8-400D-ABC1-CE599298DBFF}_is1" = Preissoft 2013 V2.5
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis*True*Image*Home
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{CA79E67F-3D43-4a30-83A6-CACD122C7954}" = Lexware professional 2012
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBCEC5CB-5B7B-4130-BBEF-222B57349401}" = klickTel Routenplaner Deutschland und Europa 2009
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link DWA-140
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DDDAEC3A-8419-46D4-9BD1-59E016C5C573}" = StarMoney
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8A54984-9776-4283-ACE2-782BA850A1C0}" = Roxio Creator Small Business Edition
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F9D06BBE-BE0B-485F-AA70-9D83F2E88980}" = Lexware warenwirtschaft pro 2012
"{FDC5E0B1-2739-48A1-8027-F76F2E68AC84}" = Lexware professional Datenbank 2012
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Professional Security
"AVM ISDN CAPI Port" = AVM ISDN CAPI Port
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"CSCLIB" = Canon Camera Support Core Library
"FinePix Genie_is1" = FUJIFILM MyFinePix Studio 2.0
"FRITZ! 2.0" = AVM FRITZ!
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{560247B5-5AAD-43D7-B1C0-D77C5EAEE8CE}" = Canon Camera WIA Driver 6.4
"InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{9E3BC634-769E-4847-9530-E22433D13E45}" = FanSpeedControl
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MouseSuite98" = Mouse Suite
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"PC-Doctor for Windows" = Lenovo System Toolbox
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Rmtablet" = USB Tablet Manager
"S3" = Die Siedler III Gold Edition
"Samsung CLX-3170 Series" = Samsung CLX-3170 Series
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SmarThru PC Fax" = SmarThru PC Fax
"Supreme Auction_is1" = Supreme Auction
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR Archivierer
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.10.2012 13:03:55 | Computer Name = OFFICE01 | Source = VSS | ID = 12305
Description = Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht
richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: CreateFileW(\\?\Volume{1cc19187-dbbb-11df-96a4-00016c58b334},0xc0000000,0x00000003,...).
Error - 28.10.2012 13:03:55 | Computer Name = OFFICE01 | Source = VSS | ID = 12305
Description = Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht
richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(000001EC,0x0053c008,0003CDF8,0,0003BDF0,4096,[0]).
Error - 28.10.2012 14:07:46 | Computer Name = OFFICE01 | Source = VSS | ID = 12305
Description = Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht
richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: CreateFileW(\\?\Volume{1cc19187-dbbb-11df-96a4-00016c58b334},0xc0000000,0x00000003,...).
Error - 28.10.2012 14:07:46 | Computer Name = OFFICE01 | Source = VSS | ID = 12305
Description = Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht
richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(000001AC,0x0053c008,0003CDF8,0,0003BDF0,4096,[0]).
Error - 28.10.2012 15:42:49 | Computer Name = OFFICE01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avscan.exe, Version 12.3.0.33, fehlgeschlagenes
Modul avreg.dll, Version 12.3.0.17, Fehleradresse 0x0000c82c.
Error - 30.10.2012 03:15:25 | Computer Name = OFFICE01 | Source = Avira Antivirus | ID = 4129
Description = Das Update von OFFICE01 (192.168.0.10) ist fehlgeschlagen. Während
des Herunterladens ist ein Fehler aufgetreten. . Es wurden keine neuen Dateien geladen.
Error - 30.10.2012 08:50:17 | Computer Name = OFFICE01 | Source = Avira Antivirus | ID = 4129
Description = Das Update von OFFICE01 (192.168.0.10) ist fehlgeschlagen. Während
des Herunterladens ist ein Fehler aufgetreten. . Es wurden keine neuen Dateien geladen.
Error - 30.10.2012 10:00:48 | Computer Name = OFFICE01 | Source = Avira Antivirus | ID = 4129
Description = Das Update von OFFICE01 (192.168.0.10) ist fehlgeschlagen. Während
des Herunterladens ist ein Fehler aufgetreten. . Es wurden keine neuen Dateien geladen.
Error - 05.11.2012 04:25:43 | Computer Name = OFFICE01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung scan2pc.exe, Version 2.29.4.3, fehlgeschlagenes
Modul netmodule.dll, Version 1.0.0.2, Fehleradresse 0x00003b7f.
Error - 05.11.2012 07:55:24 | Computer Name = OFFICE01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung vid2cdsj.exe, Version 1.0.15.15641, fehlgeschlagenes
Modul vid2cdsj.exe, Version 1.0.15.15641, Fehleradresse 0x0000c676.
[ OSession Events ]
Error - 07.02.2012 10:00:48 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4003
seconds with 180 seconds of active time. This session ended with a crash.
Error - 17.04.2012 03:43:15 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2047
seconds with 360 seconds of active time. This session ended with a crash.
Error - 17.04.2012 06:37:48 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2691
seconds with 180 seconds of active time. This session ended with a crash.
Error - 01.05.2012 15:41:09 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1576
seconds with 1200 seconds of active time. This session ended with a crash.
Error - 13.06.2012 07:51:58 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1301
seconds with 960 seconds of active time. This session ended with a crash.
Error - 28.06.2012 08:37:32 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2012
seconds with 0 seconds of active time. This session ended with a crash.
Error - 02.07.2012 10:11:07 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16.07.2012 04:41:13 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1688
seconds with 240 seconds of active time. This session ended with a crash.
Error - 24.07.2012 12:14:05 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 640
seconds with 0 seconds of active time. This session ended with a crash.
Error - 04.09.2012 08:03:20 | Computer Name = OFFICE01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14700
seconds with 2520 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "StarMoney 7.0 OnlineUpdate" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "TVT Windows Update Monitor" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 500 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "TVT Backup Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "WTService" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "TVT Scheduler" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "Canon Camera Access Library 8" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "Power Manager DBC Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 06.11.2012 12:49:46 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7034
Description = Dienst "System Update" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 06.11.2012 12:53:21 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 06.11.2012 13:28:50 | Computer Name = OFFICE01 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
Damit kann ich nur wieder mit Dank an Dich abgeben. |
