extras.txt:OTL Logfile: Code:
OTL Extras logfile created on: 20.08.2010 09:11:14 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = H:\Sicherung Alte Platte
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): G:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Programme
Drive C: | 73,83 Gb Total Space | 44,89 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 71,21 Gb Total Space | 66,55 Gb Free Space | 93,46% Space Free | Partition Type: NTFS
Drive E: | 4,00 Gb Total Space | 1,19 Gb Free Space | 29,80% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
Drive G: | 78,13 Gb Total Space | 29,76 Gb Free Space | 38,09% Space Free | Partition Type: NTFS
Drive H: | 70,91 Gb Total Space | 57,41 Gb Free Space | 80,97% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1397,26 Gb Total Space | 1248,40 Gb Free Space | 89,35% Space Free | Partition Type: NTFS
Drive Z: | 74,52 Gb Total Space | 54,10 Gb Free Space | 72,59% Space Free | Partition Type: NTFS
Computer Name: MP
Current User Name: GES
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-583907252-527237240-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Programme\Mozilla Firefox 3.1 Beta 3\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "G:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "G:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "G:\Programme\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"G:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = G:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\SETUP.EXE" = F:\SETUP.EXE:*:Enabled:Setup -- File not found
"G:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = G:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"G:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = G:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"G:\Programme\ICQ6\ICQ.exe" = G:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"G:\Programme\iTunes\iTunes.exe" = G:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"G:\WINDOWS\explorer.exe" = G:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C057F-D7B9-4D82-B266-FBCF0178F382}" = USB Audio/Video Driver
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.2
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E6BBAA-25E6-4BFC-9613-75A5CACE2940}" = Olympus DSS Player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}" = Brother MFL-Pro Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{996F79F5-2ABF-4B9D-A0C0-ACD046AA8008}" = ArcSoft ShowBiz DVD 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B5CB014F-DEB6-450D-80B3-FCADF869C91D}" = MDR
"{B8D57AEB-841A-415F-9331-13DDF09BD3F2}" = Nokia PC Suite 5.1
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F13D54AA-EE45-4394-8510-C612A56FD9BC}" = Creative Zen Touch
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.64
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Corel Uninstaller" = Corel Uninstaller
"Creative Jukebox Driver" = Creative Jukebox Driver
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free YouTube Download_is1" = Free YouTube Download 2.9
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP-Color LaserJet 2600n" = Color LaserJet 2600n
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}" = USB Audio/Video Driver
"InstallShield_{B8D57AEB-841A-415F-9331-13DDF09BD3F2}" = Nokia PC Suite 5.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.7)" = Mozilla Firefox (3.0.7)
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pdf995" = Pdf995
"PROHYBRIDR" = 2007 Microsoft Office system
"Uninstall_is1" = Uninstall 1.0.0.1
"Vermieterhandbuch" = Vermieter-Handbuch
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.09.2009 11:31:45 | Computer Name = MP | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung photopnt.exe, Version 8.232.0.0, fehlgeschlagenes
Modul photopnt.exe, Version 8.232.0.0, Fehleradresse 0x0019a160.
Error - 11.09.2009 03:45:04 | Computer Name = MP | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.1.3523, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 14.09.2009 02:59:23 | Computer Name = MP | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application outlook.exe, version 12.0.6504.5000, stamp 49e7f47e,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x000c7200.
[ OSession Events ]
Error - 04.05.2010 07:26:13 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12386
seconds with 900 seconds of active time. This session ended with a crash.
Error - 18.05.2010 05:30:45 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 338
seconds with 120 seconds of active time. This session ended with a crash.
Error - 26.05.2010 08:03:01 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19347
seconds with 4260 seconds of active time. This session ended with a crash.
Error - 01.06.2010 07:23:25 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16423
seconds with 2700 seconds of active time. This session ended with a crash.
Error - 02.06.2010 10:46:43 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 151
seconds with 120 seconds of active time. This session ended with a crash.
Error - 02.06.2010 10:47:04 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.06.2010 03:54:36 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1010
seconds with 120 seconds of active time. This session ended with a crash.
Error - 09.06.2010 07:30:30 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7675
seconds with 540 seconds of active time. This session ended with a crash.
Error - 22.06.2010 06:22:59 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 474
seconds with 240 seconds of active time. This session ended with a crash.
Error - 29.06.2010 03:14:25 | Computer Name = MP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1430
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 18.08.2010 08:00:08 | Computer Name = MP | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001A4F9C7998 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 18.08.2010 08:19:57 | Computer Name = MP | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001A4F9C7998 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 18.08.2010 08:32:57 | Computer Name = MP | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001A4F9C7998 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 18.08.2010 08:36:07 | Computer Name = MP | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001A4F9C7998 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 18.08.2010 08:40:30 | Computer Name = MP | Source = ipnathlp | ID = 32003
Description = Der Übersetzer für Netzwerkadressen (NAT) konnte keine Anfrage des
Übersetzungsmoduls des Kernelmodus stellen. Möglicherweise liegen eine falsche Konfiguration,
unzureichende Ressourcen oder ein interner Fehler vor. Die Daten enthalten den Fehlercode.
Error - 19.08.2010 06:51:59 | Computer Name = MP | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
wurde angehalten.
Error - 19.08.2010 06:52:09 | Computer Name = MP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
PCIIde
Error - 19.08.2010 10:22:11 | Computer Name = MP | Source = EventLog | ID = 6004
Description = Ein Treiberpaket, das vom E/A-Teilsystem empfangen wurde, war ungültig.
Die Daten sind das Paket.
Error - 19.08.2010 10:21:44 | Computer Name = MP | Source = EventLog | ID = 6004
Description = Ein Treiberpaket, das vom E/A-Teilsystem empfangen wurde, war ungültig.
Die Daten sind das Paket.
Error - 19.08.2010 10:21:44 | Computer Name = MP | Source = EventLog | ID = 6004
Description = Ein Treiberpaket, das vom E/A-Teilsystem empfangen wurde, war ungültig.
Die Daten sind das Paket.
< End of report >
--- --- ---
otl.txt:OTL Logfile: Code:
OTL logfile created on: 20.08.2010 09:11:14 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = H:\Sicherung Alte Platte
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): G:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Programme
Drive C: | 73,83 Gb Total Space | 44,89 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 71,21 Gb Total Space | 66,55 Gb Free Space | 93,46% Space Free | Partition Type: NTFS
Drive E: | 4,00 Gb Total Space | 1,19 Gb Free Space | 29,80% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
Drive G: | 78,13 Gb Total Space | 29,76 Gb Free Space | 38,09% Space Free | Partition Type: NTFS
Drive H: | 70,91 Gb Total Space | 57,41 Gb Free Space | 80,97% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive J: | 1397,26 Gb Total Space | 1248,40 Gb Free Space | 89,35% Space Free | Partition Type: NTFS
Drive Z: | 74,52 Gb Total Space | 54,10 Gb Free Space | 72,59% Space Free | Partition Type: NTFS
Computer Name: MP
Current User Name: GES
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - H:\Sicherung Alte Platte\OTL.exe (OldTimer Tools)
PRC - G:\Programme\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - G:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - G:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - G:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - G:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - G:\Programme\Mozilla Firefox 3.1 Beta 3\firefox.exe (Mozilla Corporation)
PRC - G:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - G:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - G:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - G:\Programme\Microsoft\Office Live\OfficeLiveSignIn.exe (Microsoft Corp.)
PRC - G:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - G:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - G:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - G:\Programme\Olympus\DeviceDetector\DM1Service.exe (OLYMPUS IMAGING CORP.)
PRC - G:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
PRC - G:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)
PRC - G:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - G:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe (Nokia Mobile Phone Ltd.)
PRC - G:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia)
PRC - G:\Programme\Gemeinsame Dateien\Nokia\Services\ServiceLayer.exe (Nokia Corp.)
========== Modules (SafeList) ==========
MOD - H:\Sicherung Alte Platte\OTL.exe (OldTimer Tools)
MOD - G:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- G:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- G:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SeaPort) -- G:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirService) -- G:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (fsssvc) -- G:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- G:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (odserv) -- G:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- G:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (DM1Service) -- G:\Programme\Olympus\DeviceDetector\DM1Service.exe (OLYMPUS IMAGING CORP.)
SRV - (ose) -- G:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (bgsvcgen) -- G:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)
========== Driver Services (SafeList) ==========
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- G:\WINDOWS\System32\DRIVERS\snpstd3.sys File not found
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- G:\WINDOWS\System32\DRIVERS\LV561AV.SYS File not found
DRV - (LVUSBSta) -- G:\WINDOWS\System32\DRIVERS\LVUSBSta.sys File not found
DRV - (avgntflt) -- G:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (fssfltr) -- G:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ssmdrv) -- G:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- G:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- G:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (FWLANUSB) -- G:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- G:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin)
DRV - (ialm) -- G:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (Afc) -- G:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- G:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- G:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (PfModNT) -- G:\WINDOWS\system32\drivers\PfModNT.sys (Creative Technology Ltd.)
DRV - (Jukebox3) -- G:\WINDOWS\system32\drivers\ctpdusb.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-527237240-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.targobank.de/de/online-banking/login.cgi
IE - HKU\S-1-5-21-583907252-527237240-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-583907252-527237240-839522115-1004\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - G:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-583907252-527237240-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-527237240-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: G:\Programme\Mozilla Firefox\components [2010.04.06 10:14:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: G:\Programme\Mozilla Firefox\plugins [2010.04.23 16:00:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: G:\Programme\Mozilla Firefox 3.1 Beta 3\components [2010.04.06 10:14:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: G:\Programme\Mozilla Firefox 3.1 Beta 3\plugins [2010.05.10 14:35:12 | 000,000,000 | ---D | M]
[2008.10.07 13:58:52 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Extensions
[2010.08.17 11:05:24 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\extensions
[2009.09.02 14:47:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.09.10 15:30:11 | 000,000,961 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\searchplugins\icqplugin-1.xml
[2009.07.13 18:12:02 | 000,000,944 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\searchplugins\icqplugin.xml
[2009.12.14 13:09:36 | 000,002,747 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\searchplugins\imdb.xml
[2009.06.10 10:05:18 | 000,001,632 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Profiles\p0ad4op9.default\searchplugins\live-search.xml
[2010.02.18 11:22:23 | 000,000,000 | ---D | M] -- G:\Programme\Mozilla Firefox\extensions
[2010.02.18 11:22:23 | 000,000,000 | ---D | M] (No name found) -- G:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.12.23 10:09:06 | 000,001,392 | ---- | M] () -- G:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.12.23 10:09:06 | 000,002,344 | ---- | M] () -- G:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.12.23 10:09:07 | 000,006,805 | ---- | M] () -- G:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2008.12.23 10:09:07 | 000,000,986 | ---- | M] () -- G:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2008.12.23 10:09:07 | 000,000,801 | ---- | M] () -- G:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - G:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - G:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - G:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - G:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-583907252-527237240-839522115-1004\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-583907252-527237240-839522115-1004\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - G:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] G:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] G:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [ControlCenter2.0] G:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DataLayer] G:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe (Nokia Mobile Phone Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nokia Tray Application] G:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia)
O4 - HKLM..\Run: [REGSHAVE] G:\Programme\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SoundMan] G:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] G:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-583907252-527237240-839522115-1004..\Run: [{96007608-50EB-82F5-5809-928399FFE3C0}] G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Uwfuky\hiip.exe ()
O4 - HKU\S-1-5-21-583907252-527237240-839522115-1004..\Run: [ICQ] G:\Programme\ICQ6\ICQ.exe File not found
O4 - Startup: G:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NewShortcut1.lnk = G:\Programme\USB_video_device\Utility\RemoteTool\BDARemote.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-527237240-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O8 - Extra context menu item: Free YouTube Download - G:\Dokumente und Einstellungen\GES\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - G:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-583907252-527237240-839522115-1004\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-583907252-527237240-839522115-1004\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - G:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - G:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - G:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - G:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - G:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.06.22 17:43:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0e23af44-944e-11dd-a71d-0013d356bab6}\Shell - "" = AutoRun
O33 - MountPoints2\{0e23af44-944e-11dd-a71d-0013d356bab6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0e23af44-944e-11dd-a71d-0013d356bab6}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
O33 - MountPoints2\{3e5b2b51-9467-11dd-a727-001a4f9c7998}\Shell\AutoRun\command - "" = I:\aulpkm.exe -- File not found
O33 - MountPoints2\{3e5b2b51-9467-11dd-a727-001a4f9c7998}\Shell\explore\Command - "" = I:\aulpkm.exe -- File not found
O33 - MountPoints2\{3e5b2b51-9467-11dd-a727-001a4f9c7998}\Shell\open\Command - "" = I:\aulpkm.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - G:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - G:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
SafeBootMin: AppMgmt - G:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - G:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection G:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection G:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - G:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - G:\WINDOWS\system32\Rundll32.exe G:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - G:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - G:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - G:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "G:\WINDOWS\system32\rundll32.exe" "G:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - G:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - G:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - G:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - G:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - G:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - G:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - G:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - G:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - G:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - G:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - G:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - G:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - G:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - G:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (67849080138629120)
========== Files/Folders - Created Within 30 Days ==========
[2010.08.16 17:00:23 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\GES\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.08.16 17:00:22 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\GES\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
[2010.08.16 17:00:22 | 000,000,000 | ---D | C] -- G:\Programme\Conduit
[2010.08.16 17:00:21 | 000,000,000 | ---D | C] -- G:\Programme\DVDVideoSoftTB
[2010.08.16 16:16:29 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.08.12 18:20:16 | 000,000,000 | -HSD | C] -- G:\Config.Msi
[2010.08.11 17:01:22 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\javaws.exe
[2010.08.11 17:01:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\javaw.exe
[2010.08.11 17:01:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\java.exe
[2010.08.10 14:16:56 | 000,000,000 | -H-D | C] -- G:\WINDOWS\ie8
[2010.08.02 12:50:32 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Malwarebytes
[2010.08.02 12:40:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- G:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.02 12:40:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- G:\WINDOWS\System32\drivers\mbam.sys
[2010.08.02 12:40:37 | 000,000,000 | ---D | C] -- G:\Programme\Malwarebytes' Anti-Malware
[2010.08.02 12:40:37 | 000,000,000 | ---D | C] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[4 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]
[1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.20 09:08:39 | 000,000,135 | ---- | M] () -- G:\WINDOWS\HPODJC05.INI
[2010.08.20 09:08:38 | 000,001,079 | ---- | M] () -- G:\WINDOWS\HPOCSS05.INI
[2010.08.20 09:08:38 | 000,000,565 | ---- | M] () -- G:\WINDOWS\HPOTBX05.INI
[2010.08.20 09:08:09 | 000,002,503 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Desktop\Microsoft Office Word.lnk
[2010.08.20 08:44:31 | 000,000,006 | -H-- | M] () -- G:\WINDOWS\tasks\SA.DAT
[2010.08.20 08:44:21 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat
[2010.08.19 18:04:20 | 006,553,600 | -H-- | M] () -- G:\Dokumente und Einstellungen\GES\NTUSER.DAT
[2010.08.19 18:04:20 | 000,000,190 | -HS- | M] () -- G:\Dokumente und Einstellungen\GES\ntuser.ini
[2010.08.19 18:04:13 | 000,824,190 | -H-- | M] () -- G:\Dokumente und Einstellungen\GES\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.08.19 17:18:26 | 000,002,121 | ---- | M] () -- G:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.08.18 16:14:54 | 000,765,952 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Desktop\Zeiterfassung MP 2010.xls
[2010.08.16 08:44:07 | 000,002,206 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2010.08.13 17:30:24 | 000,024,609 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Desktop\S-FA PrenzlBerg - 13-08.2010.docx
[2010.08.13 17:21:36 | 000,018,948 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\FünfFreunde-Hörspielindex.docx
[2010.08.13 12:09:07 | 000,024,064 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\links-13-08-2010.doc
[2010.08.13 08:36:55 | 001,132,256 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.12 18:22:48 | 000,001,374 | ---- | M] () -- G:\WINDOWS\imsins.BAK
[2010.08.12 18:21:33 | 001,006,234 | ---- | M] () -- G:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.12 18:21:33 | 000,452,312 | ---- | M] () -- G:\WINDOWS\System32\perfh007.dat
[2010.08.12 18:21:33 | 000,435,574 | ---- | M] () -- G:\WINDOWS\System32\perfh009.dat
[2010.08.12 18:21:33 | 000,081,268 | ---- | M] () -- G:\WINDOWS\System32\perfc007.dat
[2010.08.12 18:21:33 | 000,068,470 | ---- | M] () -- G:\WINDOWS\System32\perfc009.dat
[2010.08.12 11:37:08 | 000,060,001 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Desktop\30 Tage Urlaub für jugendliche Auszubildende.docx
[2010.08.11 17:44:28 | 000,000,116 | ---- | M] () -- G:\WINDOWS\NeroDigital.ini
[2010.07.30 17:54:09 | 000,000,432 | ---- | M] () -- G:\WINDOWS\BRWMARK.INI
[2010.07.30 15:25:40 | 000,092,672 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Desktop\Infobrief.doc
[2010.07.30 14:04:26 | 000,082,935 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\dennismix09-07.JPG
[2010.07.30 12:23:02 | 000,000,059 | ---- | M] () -- G:\WINDOWS\wpd99.drv
[2010.07.30 10:41:38 | 000,092,160 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\Gutachten - Rentenversicherung - 30-07-10.doc
[2010.07.29 18:04:39 | 000,007,456 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\dennis 29-07-10.nra
[2010.07.27 08:29:42 | 008,503,296 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.22 10:22:31 | 000,240,128 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]
[1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.13 16:55:50 | 000,018,948 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\FünfFreunde-Hörspielindex.docx
[2010.08.13 13:41:30 | 000,024,609 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Desktop\S-FA PrenzlBerg - 13-08.2010.docx
[2010.08.13 11:57:51 | 000,024,064 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\links-13-08-2010.doc
[2010.08.12 11:08:52 | 000,060,001 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Desktop\30 Tage Urlaub für jugendliche Auszubildende.docx
[2010.07.30 14:03:55 | 000,082,935 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\dennismix09-07.JPG
[2010.07.30 10:14:44 | 000,092,160 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\Gutachten - Rentenversicherung - 30-07-10.doc
[2010.07.29 18:04:39 | 000,007,456 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Eigene Dateien\dennis 29-07-10.nra
[2010.07.29 17:08:34 | 000,092,672 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Desktop\Infobrief.doc
[2010.07.19 15:35:50 | 000,000,012 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\vdnxlf.dat
[2010.06.23 11:39:50 | 000,027,648 | ---- | C] () -- G:\WINDOWS\System32\AVSredirect.dll
[2010.05.21 09:12:27 | 000,000,004 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\ofubwi.dat
[2010.01.27 13:02:51 | 000,051,712 | ---- | C] () -- G:\WINDOWS\System32\coodest.dll
[2009.12.23 15:02:49 | 000,000,056 | ---- | C] () -- G:\WINDOWS\videotoaudio.ini
[2009.10.12 09:58:30 | 000,000,090 | ---- | C] () -- G:\WINDOWS\mdr.ini
[2009.09.23 16:50:43 | 000,000,000 | ---- | C] () -- G:\WINDOWS\DSSOLE.INI
[2009.04.06 16:20:28 | 000,000,589 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\XING-Plugin Update Log.txt
[2009.02.17 14:15:48 | 000,000,912 | ---- | C] () -- G:\WINDOWS\AZPR3.INI
[2008.10.28 09:57:49 | 000,240,128 | ---- | C] () -- G:\Dokumente und Einstellungen\GES\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.14 11:47:31 | 000,000,028 | ---- | C] () -- G:\WINDOWS\pdf995.ini
[2008.10.14 11:46:47 | 000,051,716 | ---- | C] () -- G:\WINDOWS\System32\pdf995mon.dll
[2008.10.14 11:46:47 | 000,000,059 | ---- | C] () -- G:\WINDOWS\wpd99.drv
[2008.10.13 08:40:28 | 000,045,056 | ---- | C] () -- G:\WINDOWS\System32\DM1USBAPIVB.dll
[2008.10.09 08:34:06 | 000,108,032 | ---- | C] () -- G:\WINDOWS\System32\sh33w32.dll
[2008.10.09 08:31:05 | 000,000,032 | ---- | C] () -- G:\WINDOWS\barcode.ini
[2008.10.08 08:48:04 | 000,000,116 | ---- | C] () -- G:\WINDOWS\NeroDigital.ini
[2008.10.08 08:18:04 | 000,028,672 | ---- | C] () -- G:\WINDOWS\System32\PdeSrvps.dll
[2008.10.08 08:18:02 | 000,006,067 | ---- | C] () -- G:\WINDOWS\UNWISE.INI
[2008.10.07 12:10:39 | 000,000,135 | ---- | C] () -- G:\WINDOWS\HPODJC05.INI
[2008.10.07 12:06:31 | 000,001,079 | ---- | C] () -- G:\WINDOWS\HPOCSS05.INI
[2008.10.07 12:06:31 | 000,000,565 | ---- | C] () -- G:\WINDOWS\HPOTBX05.INI
[2008.10.07 11:57:10 | 000,003,254 | R--- | C] () -- G:\WINDOWS\System32\hptcpmon.ini
[2008.10.07 11:57:10 | 000,000,137 | ---- | C] () -- G:\WINDOWS\System32\AddPort.ini
[2008.10.07 11:56:52 | 000,749,568 | R--- | C] () -- G:\WINDOWS\System32\agissi.dll
[2008.10.07 11:56:47 | 011,169,792 | R--- | C] () -- G:\WINDOWS\System32\zhhp_res.dll
[2008.10.07 11:56:46 | 000,114,688 | R--- | C] () -- G:\WINDOWS\System32\vshp2600.dll
[2008.10.07 11:55:56 | 000,000,631 | ---- | C] () -- G:\WINDOWS\hpntwksetup.ini
[2008.10.07 11:51:08 | 000,000,432 | ---- | C] () -- G:\WINDOWS\BRWMARK.INI
[2008.10.07 11:50:44 | 000,000,223 | ---- | C] () -- G:\WINDOWS\Brpfx04a.ini
[2008.10.07 11:50:44 | 000,000,093 | ---- | C] () -- G:\WINDOWS\brpcfx.ini
[2008.10.07 11:50:31 | 000,045,056 | ---- | C] () -- G:\WINDOWS\System32\BRTCPCON.DLL
[2008.10.07 11:50:30 | 000,000,114 | ---- | C] () -- G:\WINDOWS\System32\BRLMW03A.INI
[2008.10.07 11:50:13 | 000,106,496 | ---- | C] () -- G:\WINDOWS\System32\BrMuSNMP.dll
[2008.10.07 11:45:00 | 000,204,800 | ---- | C] () -- G:\WINDOWS\System32\igfxCoIn_v4764.dll
[2008.10.07 10:44:41 | 000,000,164 | ---- | C] () -- G:\WINDOWS\avrack.ini
[2008.10.07 10:44:39 | 000,156,672 | ---- | C] () -- G:\WINDOWS\System32\RTLCPAPI.dll
========== LOP Check ==========
[2010.02.18 11:22:18 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.07.30 12:23:02 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pdf995
[2009.06.18 13:23:14 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2010.04.06 10:18:19 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.01.08 11:03:32 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.24 11:31:13 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.08.20 08:53:21 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Apreyk
[2010.08.16 16:16:29 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\DVDVideoSoftIEHelpers
[2008.10.08 08:43:43 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\FUJIFILM
[2008.10.14 11:47:31 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\pdf995
[2009.04.29 09:31:52 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Uwfuky
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.10.24 15:27:54 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Adobe
[2010.04.06 16:16:08 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Apple Computer
[2010.08.20 08:53:21 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Apreyk
[2009.12.31 10:25:02 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\ArcSoft
[2008.10.07 11:54:00 | 000,000,000 | R--D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Brother
[2008.10.09 08:56:11 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Corel
[2008.10.31 17:48:01 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Creative
[2009.08.10 09:24:53 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\dvdcss
[2010.08.16 16:16:29 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\DVDVideoSoftIEHelpers
[2008.10.08 08:43:43 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\FUJIFILM
[2010.04.09 12:03:53 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Help
[2008.10.07 10:40:28 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Identities
[2008.10.07 13:51:20 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Macromedia
[2010.08.02 12:50:32 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Malwarebytes
[2010.01.27 13:07:00 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Media Player Classic
[2010.01.08 11:14:27 | 000,000,000 | --SD | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Microsoft
[2008.10.07 13:58:52 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Mozilla
[2008.10.14 11:47:31 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\pdf995
[2008.10.07 15:10:28 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Sun
[2010.05.15 17:33:16 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\U3
[2009.04.29 09:31:52 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Uwfuky
[2009.01.30 17:55:20 | 000,000,000 | ---D | M] -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\vlc
< %APPDATA%\*.exe /s >
[2006.05.24 13:36:38 | 000,110,592 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\U3\temp\cleanup.exe
[2009.04.29 09:31:52 | 000,177,664 | ---- | M] () -- G:\Dokumente und Einstellungen\GES\Anwendungsdaten\Uwfuky\hiip.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- G:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- G:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- G:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- G:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- G:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- G:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- G:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- G:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- G:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- G:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- G:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- G:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- G:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- G:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- G:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- G:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- G:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- G:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- G:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- G:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- G:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- G:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- G:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- G:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- G:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.10.07 12:22:01 | 000,094,208 | ---- | M] () -- G:\WINDOWS\system32\config\default.sav
[2008.10.07 12:22:01 | 000,638,976 | ---- | M] () -- G:\WINDOWS\system32\config\software.sav
[2008.10.07 12:22:01 | 000,425,984 | ---- | M] () -- G:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 G:\WINDOWS\system32\*.tmp files -> G:\WINDOWS\system32\*.tmp -> ]
< End of report >
--- --- ---
vielen lieben dank für die hilfe :) |
