Trojaner-Board - habe auch das problem mit TR/Kazy.mekml.1

so, hier erst mal der otl editorOTL Logfile:

Code:

OTL logfile created on: 19.04.2011 18:40:55 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mario Kronz\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 59,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 221,30 Gb Total Space | 99,71 Gb Free Space | 45,05% Space Free | Partition Type: NTFS

Drive D: | 11,58 Gb Total Space | 2,18 Gb Free Space | 18,86% Space Free | Partition Type: NTFS

 

Computer Name: PRIVAT | User Name: Mario Kronz | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC -  File not found

PRC - C:\Users\Mario Kronz\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)

PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Programme\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)

PRC - C:\Programme\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)

PRC - C:\Programme\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)

PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)

PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)

PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Programme\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)

PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Programme\CheckPoint\SSL Network Extender\slimsvc.exe (Check Point Software Technologies)

PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\Mario Kronz\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)

SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)

SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (cpextender) -- C:\Programme\CheckPoint\SSL Network Extender\slimsvc.exe (Check Point Software Technologies)

SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)

SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)

SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ctxusbm) -- C:\Windows\System32\drivers\ctxusbm.sys (Citrix Systems, Inc.)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)

DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (acedrv06) -- C:\Windows\System32\drivers\acedrv06.sys (Protect Software GmbH)

DRV - (acedrv05) -- C:\Windows\System32\drivers\acedrv05.sys (Protect Software GmbH)

DRV - (acedrv04) -- C:\Windows\System32\drivers\acedrv04.sys (Protect Software GmbH)

DRV - (acedrv03) -- C:\Windows\System32\drivers\acedrv03.sys (ACE GmbH)

DRV - (acedrv02) -- C:\Windows\System32\drivers\acedrv02.sys (ACE GmbH)

DRV - (acedrv01) -- C:\Windows\System32\drivers\acedrv01.sys (ACE GmbH)

DRV - (ACEDRV08) -- C:\Windows\System32\drivers\ACEDRV08.sys (Protect Software GmbH)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )

DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)

DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)

DRV - (acedrv09) -- C:\Windows\System32\drivers\acedrv09.sys (Protect Software GmbH)

DRV - (VNA) -- C:\Windows\System32\drivers\vna.sys (Check Point Software Technologies)

DRV - (acehlp09) -- C:\Windows\System32\drivers\acehlp09.sys (Protect Software GmbH)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 CC E1 B8 79 FA CB 01  [binary data]

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723

 

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.04.11 19:40:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.04.19 17:46:44 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.27 20:39:04 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.19 18:08:22 | 000,000,000 | ---D | M]

 

[2009.05.17 17:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mario Kronz\AppData\Roaming\mozilla\Extensions

[2011.03.17 23:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mario Kronz\AppData\Roaming\mozilla\Firefox\Profiles\zwysk8tw.default\extensions

[2010.07.13 20:53:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mario Kronz\AppData\Roaming\mozilla\Firefox\Profiles\zwysk8tw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011.02.20 18:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2010.04.28 21:33:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.12.04 22:00:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.02.20 18:06:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2010.04.28 21:33:57 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.12.04 22:00:35 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.02.20 18:06:57 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2010.04.11 19:40:05 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC

[2010.10.12 17:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\CCMSDK.dll

[2010.10.12 17:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\CgpCore.dll

[2010.10.12 17:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\confmgr.dll

[2010.10.12 17:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\ctxlogging.dll

[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.10.12 19:16:54 | 000,484,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npicaN.dll

[2010.10.12 17:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\TcpPServ.dll

[2010.07.14 02:05:12 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.07.14 02:05:12 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.07.14 02:05:12 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.07.14 02:05:13 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.07.14 02:05:13 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: ::1             localhost

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found

O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync]  File not found

O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync]  File not found

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe (NOS Microsystems Ltd.)

O4 - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)

O8 - Extra context menu item: &Wikipedia - C:\Programme\QPedia\search.html ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-21-3518476700-3390028175-3913548786-1000\..Trusted Ranges: Range1 ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.186.97 83.169.184.97

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: aux - wdmaud.drv (Microsoft Corporation)

Drivers32: midi - wdmaud.drv (Microsoft Corporation)

Drivers32: midimapper - midimap.dll (Microsoft Corporation)

Drivers32: mixer - wdmaud.drv (Microsoft Corporation)

Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)

Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp -  File not found

Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)

Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)

Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)

Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)

Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)

Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)

Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)

Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)

Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)

Drivers32: wave - wdmaud.drv (Microsoft Corporation)

Drivers32: wave1 - serwvdrv.dll (Microsoft Corporation)

Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.04.19 18:05:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe

[2011.04.19 18:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan

[2011.04.19 18:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2011.04.19 18:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

[2011.04.19 18:01:13 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan

[2011.04.19 18:00:42 | 000,000,000 | ---D | C] -- C:\Programme\NOS

[2011.04.19 18:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS

[2011.04.18 00:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2011.04.17 23:49:26 | 000,000,000 | ---D | C] -- C:\Users\Mario Kronz\Documents\Simply Super Software

[2011.04.17 23:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

[2011.04.17 23:49:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll

[2011.04.17 23:48:59 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover

[2011.04.17 23:48:59 | 000,000,000 | ---D | C] -- C:\Users\Mario Kronz\AppData\Roaming\Simply Super Software

[2011.04.17 23:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software

[2011.04.17 22:09:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011.04.17 22:09:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011.04.17 22:09:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011.04.17 22:09:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011.04.17 22:09:08 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011.04.17 22:09:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011.04.17 22:09:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011.04.17 22:09:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011.04.17 22:09:07 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011.04.17 22:09:07 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011.04.17 22:09:07 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011.04.17 22:09:07 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011.04.17 22:09:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011.04.17 22:09:06 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011.04.17 22:09:06 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011.04.17 22:09:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.04.17 22:09:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011.04.17 22:09:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011.04.17 22:09:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011.04.17 22:09:05 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.04.17 22:09:05 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011.04.17 22:09:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011.04.17 22:09:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011.04.17 22:09:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011.04.17 22:09:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011.04.17 22:09:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.04.17 22:09:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011.04.17 22:09:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011.04.17 22:09:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011.04.17 22:09:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011.04.17 22:09:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011.04.17 22:09:02 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011.04.17 22:09:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011.04.17 22:09:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011.04.17 22:09:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011.04.17 22:09:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011.04.17 22:09:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011.04.17 22:09:01 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011.04.17 22:09:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011.04.17 21:37:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011.04.17 20:22:05 | 000,000,000 | ---D | C] -- C:\Users\Mario Kronz\AppData\Roaming\Malwarebytes

[2011.04.17 20:21:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011.04.17 20:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.04.17 20:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.04.17 20:21:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011.04.17 20:21:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2011.04.17 17:05:51 | 000,000,000 | ---D | C] -- C:\Users\Mario Kronz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery

[2011.04.13 17:54:27 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011.04.13 17:54:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011.04.13 17:54:08 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2011.04.13 17:54:07 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011.04.13 17:54:01 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011.04.13 17:54:00 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011.04.03 20:27:18 | 000,000,000 | ---D | C] -- C:\292169e594b55255652a

[2011.03.25 04:03:52 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur

[2011.03.23 09:28:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[2011.03.23 09:28:39 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll

[2011.03.21 19:00:41 | 000,000,000 | ---D | C] -- C:\Users\Mario Kronz\Desktop\Bewerbung Sebastian

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.04.19 18:37:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.04.19 18:23:48 | 000,006,148 | ---- | M] () -- C:\Users\Mario Kronz\Documents\Favorisiertes Design.theme

[2011.04.19 18:08:23 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011.04.19 18:01:16 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2011.04.19 18:01:15 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2011.04.19 17:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.04.19 17:34:40 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011.04.19 17:34:40 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011.04.19 10:24:14 | 000,000,486 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Mario Kronz.job

[2011.04.19 06:47:57 | 000,001,764 | ---- | M] () -- C:\Users\Mario Kronz\Documents\Default.rdp

[2011.04.19 06:37:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.04.18 00:19:48 | 000,061,349 | ---- | M] () -- C:\ProgramData\nvModes.001

[2011.04.18 00:17:58 | 2143,789,056 | -HS- | M] () -- C:\hiberfil.sys

[2011.04.17 23:49:21 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk

[2011.04.17 22:33:11 | 000,000,680 | ---- | M] () -- C:\Users\Mario Kronz\AppData\Local\d3d9caps.dat

[2011.04.17 22:09:41 | 000,504,657 | ---- | M] () -- C:\Users\Mario Kronz\Desktop\unhide.exe

[2011.04.17 22:09:35 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat

[2011.04.17 22:09:35 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat

[2011.04.17 22:09:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011.04.17 22:09:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011.04.17 22:09:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011.04.17 22:09:08 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011.04.17 22:09:08 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011.04.17 22:09:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011.04.17 22:09:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011.04.17 22:09:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011.04.17 22:09:07 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011.04.17 22:09:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011.04.17 22:09:07 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011.04.17 22:09:07 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011.04.17 22:09:07 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011.04.17 22:09:06 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011.04.17 22:09:06 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011.04.17 22:09:06 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.04.17 22:09:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011.04.17 22:09:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011.04.17 22:09:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2011.04.17 22:09:06 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011.04.17 22:09:05 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.04.17 22:09:05 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011.04.17 22:09:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011.04.17 22:09:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011.04.17 22:09:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011.04.17 22:09:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011.04.17 22:09:04 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.04.17 22:09:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011.04.17 22:09:03 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011.04.17 22:09:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011.04.17 22:09:03 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011.04.17 22:09:03 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011.04.17 22:09:02 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011.04.17 22:09:02 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011.04.17 22:09:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011.04.17 22:09:02 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011.04.17 22:09:01 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011.04.17 22:09:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011.04.17 22:09:01 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011.04.17 22:09:01 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011.04.17 21:50:03 | 000,326,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.04.17 20:21:50 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.17 17:42:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.04.17 17:42:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.04.17 17:42:46 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.04.17 17:42:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.04.17 17:35:03 | 000,061,349 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2011.04.17 17:11:24 | 000,000,384 | ---- | M] () -- C:\ProgramData\40886024

[2011.04.17 17:05:54 | 000,000,160 | ---- | M] () -- C:\ProgramData\~40886024r

[2011.04.17 17:05:54 | 000,000,120 | ---- | M] () -- C:\ProgramData\~40886024

[2011.04.15 17:24:03 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job

[2011.04.13 18:37:46 | 000,001,683 | ---- | M] () -- C:\Users\Mario Kronz\Desktop\ALNO AG  Küchenplaner.lnk

[2011.03.24 22:38:32 | 000,016,906 | ---- | M] () -- C:\Users\Mario Kronz\Desktop\bescheindgc.pdf

 
 ========== Files Created - No Company Name ==========

 

[2011.04.19 18:08:23 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2011.04.19 18:08:22 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2011.04.19 18:01:16 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2011.04.19 18:01:15 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2011.04.17 23:49:21 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk

[2011.04.17 23:49:14 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll

[2011.04.17 23:49:14 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll

[2011.04.17 23:49:14 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll

[2011.04.17 23:49:13 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll

[2011.04.17 23:39:56 | 000,006,148 | ---- | C] () -- C:\Users\Mario Kronz\Documents\Favorisiertes Design.theme

[2011.04.17 22:09:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2011.04.17 22:07:39 | 000,504,657 | ---- | C] () -- C:\Users\Mario Kronz\Desktop\unhide.exe

[2011.04.17 20:21:50 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.17 17:31:10 | 2143,789,056 | -HS- | C] () -- C:\hiberfil.sys

[2011.04.17 17:05:54 | 000,000,160 | ---- | C] () -- C:\ProgramData\~40886024r

[2011.04.17 17:05:53 | 000,000,120 | ---- | C] () -- C:\ProgramData\~40886024

[2011.04.17 17:05:30 | 000,000,384 | ---- | C] () -- C:\ProgramData\40886024

[2011.03.24 22:38:32 | 000,016,906 | ---- | C] () -- C:\Users\Mario Kronz\Desktop\bescheindgc.pdf

[2010.04.18 22:34:35 | 000,000,012 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Roaming\kcmdte.dat

[2009.08.11 20:45:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.08.11 20:45:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.05.10 00:17:25 | 000,000,760 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Roaming\setup_ldm.iss

[2009.05.06 00:31:07 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

[2008.10.14 21:15:22 | 000,061,349 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2008.10.14 21:15:22 | 000,061,349 | ---- | C] () -- C:\ProgramData\nvModes.001

[2008.07.28 06:21:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008.03.23 17:06:53 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html

[2008.03.04 14:50:06 | 000,962,560 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll

[2008.02.06 18:41:18 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini

[2008.02.05 16:05:44 | 000,000,680 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Local\d3d9caps.dat

[2008.01.24 04:00:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat

[2008.01.24 03:33:49 | 000,027,905 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Roaming\nvModes.001

[2008.01.24 03:20:50 | 000,027,905 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Roaming\nvModes.dat

[2008.01.23 21:26:20 | 000,000,000 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Roaming\wklnhst.dat

[2008.01.23 21:23:14 | 000,025,600 | ---- | C] () -- C:\Users\Mario Kronz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.01.04 16:42:11 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat

[2008.01.04 16:42:11 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat

[2008.01.04 16:41:36 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

[2007.11.27 08:06:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2007.11.27 08:06:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2007.11.27 08:06:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2007.11.27 08:06:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 14:47:37 | 000,326,664 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

 
 ========== LOP Check ==========

 

[2010.05.01 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\AquaCalculator

[2008.01.24 01:52:39 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\DataLayer

[2009.01.22 22:47:31 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Glory of the Roman Empire

[2011.03.23 09:13:04 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICAClient

[2010.04.22 21:30:57 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICQ

[2008.01.24 12:34:20 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICQ Toolbar

[2009.12.28 23:04:43 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Marine Aquarium 3

[2008.10.03 04:02:54 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Nokia

[2008.10.12 11:38:00 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\PC Suite

[2008.03.19 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\PlayFirst

[2011.04.17 23:48:59 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Simply Super Software

[2010.03.22 17:50:29 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\TeamViewer

[2008.01.23 21:26:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Template

[2008.03.23 16:56:31 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\TuneUp Software

[2008.02.06 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Ulead Systems

[2008.03.19 17:13:55 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\WildTangent

[2011.04.15 17:24:03 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job

[2011.04.18 00:05:17 | 000,032,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010.12.15 19:50:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7A39246F-50F8-4164-AE91-05374F3DC096}.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2008.06.23 01:30:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Adobe

[2010.09.17 00:05:05 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Apple Computer

[2010.05.01 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\AquaCalculator

[2010.04.14 23:20:29 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Avira

[2008.12.01 13:47:52 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\AVS4YOU

[2008.01.24 12:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\CyberLink

[2008.01.24 01:52:39 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\DataLayer

[2009.07.26 13:54:28 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\DivX

[2009.01.22 22:47:31 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Glory of the Roman Empire

[2008.01.24 12:58:12 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Google

[2009.10.22 22:12:23 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\GTek

[2010.12.04 10:46:52 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Hewlett-Packard

[2008.01.24 04:21:44 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\HP

[2011.03.23 09:13:04 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICAClient

[2010.04.22 21:30:57 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICQ

[2008.01.24 12:34:20 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\ICQ Toolbar

[2008.01.23 21:20:46 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Identities

[2008.01.24 02:49:30 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\InstallShield

[2008.06.11 16:39:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Intel

[2008.02.14 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Logitech

[2008.03.19 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Macromedia

[2011.04.17 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Malwarebytes

[2009.12.28 23:04:43 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Marine Aquarium 3

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Media Center Programs

[2010.04.14 14:57:30 | 000,000,000 | --SD | M] -- C:\Users\Mario Kronz\AppData\Roaming\Microsoft

[2009.05.17 17:58:14 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Mozilla

[2008.10.03 04:02:54 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Nokia

[2008.10.12 11:38:00 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\PC Suite

[2008.03.19 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\PlayFirst

[2011.04.17 23:48:59 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Simply Super Software

[2011.03.23 21:19:24 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\skypePM

[2008.01.23 21:21:33 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Symantec

[2010.03.22 17:50:29 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\TeamViewer

[2008.01.23 21:26:22 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Template

[2008.03.23 16:56:31 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\TuneUp Software

[2008.02.06 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\Ulead Systems

[2008.03.19 17:13:55 | 000,000,000 | ---D | M] -- C:\Users\Mario Kronz\AppData\Roaming\WildTangent

 
 < %APPDATA%\*.exe /s >

[2011.01.16 15:28:04 | 000,010,134 | R--- | M] () -- C:\Users\Mario Kronz\AppData\Roaming\Microsoft\Installer\{A2C60BF1-82E3-493C-911D-14AD50471F2F}\ARPPRODUCTICON.exe

[2010.11.20 18:26:50 | 000,010,134 | R--- | M] () -- C:\Users\Mario Kronz\AppData\Roaming\Microsoft\Installer\{B96DB037-DBEA-4186-9081-9CBD537F82E8}\ARPPRODUCTICON.exe

[2010.04.14 14:57:30 | 000,004,710 | R--- | M] () -- C:\Users\Mario Kronz\AppData\Roaming\Microsoft\Installer\{ce68ca3b-2fc4-4104-9986-d4900ca651f0}\ARPPRODUCTICON.exe

 
 < %SYSTEMDRIVE%\*.exe >

[2007.12.27 23:24:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

 

 
 < MD5 for: AGP440.SYS  >

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2007.11.27 01:26:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys

[2007.11.27 01:26:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys

[2007.11.27 01:26:30 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2008.02.14 13:50:38 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys

[2008.02.14 13:50:38 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2008.02.14 13:50:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\CyberLink\PowerDirector\EventLog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe

[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe

[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

[2008.01.24 03:35:35 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe

[2008.01.24 03:35:34 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe

[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe

[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe

[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe

[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2009.02.11 17:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\iastor.sys

[2007.07.13 06:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\SWSETUP\Drivers\ITM\Winall\Driver\iastor.sys

[2007.07.13 06:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys

[2009.02.11 17:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\iastor.sys

[2009.02.11 17:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys

[2009.02.11 17:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys

[2007.07.13 06:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\SWSETUP\Drivers\ITM\Winall\Driver64\iastor.sys

 
 < MD5 for: IASTORV.SYS  >

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2007.11.26 23:51:56 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll

[2007.11.26 23:51:56 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll

[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys

[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2011.04.17 22:09:07 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2011.04.17 22:09:07 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2011.04.17 22:09:05 | 000,580,608 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msfeeds.dll
 

< End of report >

--- --- ---

und nun der restOTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 19.04.2011 18:40:56 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mario Kronz\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 59,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 221,30 Gb Total Space | 99,71 Gb Free Space | 45,05% Space Free | Partition Type: NTFS

Drive D: | 11,58 Gb Total Space | 2,18 Gb Free Space | 18,86% Space Free | Partition Type: NTFS

 

Computer Name: PRIVAT | User Name: Mario Kronz | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3518476700-3390028175-3913548786-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [dm Fotowelt] -- "C:\Program Files\dm\dm Fotowelt\dm Fotowelt.exe" "%1" ()

Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm Fotowelt\dm-Fotowelt.exe" "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" [2009.05.06 00:15:11 | 000,000,000 | ---D | M]

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{021E9321-D04B-4EEA-89A1-59FB52808A41}" = lport=444 | protocol=17 | dir=in | name=mutterhaus | 

"{0A0C6AE6-B575-44C3-8685-53C4494D18F6}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 | 

"{0ADF3551-B493-45C4-9B80-DBA3C917B09D}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe | 

"{14B5111B-1553-40EA-989D-86AAA77FB2EB}" = lport=445 | protocol=6 | dir=in | app=system | 

"{2089D96A-6C8A-481F-BBE0-CCD88DBAFA20}" = rport=1701 | protocol=17 | dir=out | app=system | 

"{2BB5B5AF-9CA7-4B79-BFCD-A6A0C066AA27}" = lport=444 | protocol=6 | dir=in | name=ssl network extender | 

"{31746B24-6D73-409D-8A28-1216670D3554}" = lport=445 | protocol=6 | dir=in | app=system | 

"{3A8A0C2F-971B-4247-93AA-A5CA814E34C9}" = lport=5985 | protocol=6 | dir=in | app=system | 

"{3D598C0B-265B-455F-87E2-C0F806C18C87}" = lport=445 | protocol=6 | dir=in | app=system | 

"{459ADF91-8FC3-4503-92EF-B96997E31E7E}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe | 

"{4A2785E5-8289-4A58-9B80-7A1511358CF2}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe | 

"{5EF6E4B0-E716-43D4-A19E-84D282EE385B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

"{60D99075-C38E-467A-BFE3-4FD64BD268A1}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe | 

"{619CA1FB-2F2A-4EFC-B245-5E48AA1FF911}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe | 

"{61F5E66E-E391-44F3-9694-CDEF77263680}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe | 

"{697E29AD-DAAD-4670-9FC5-42A7E0303054}" = lport=1723 | protocol=6 | dir=in | app=system | 

"{765E7400-B95B-4907-920F-AFEAF66303F9}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe | 

"{83BFF601-DB91-4A39-A27F-6AB01CAB1789}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe | 

"{8622AF69-F551-4E74-BBF6-5FC0ADA78C32}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe | 

"{961AD9AA-4137-4E05-9133-5DE0FC7BA7ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

"{A2E6129B-ED15-4C09-A687-B559EFBC192A}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{A47200D5-DE8D-4E18-9CE8-E9CABE335D4F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{A5B06297-6039-44C4-B9A3-95AFE9926CF8}" = lport=1701 | protocol=17 | dir=in | app=system | 

"{B878B2F9-98FB-472F-84AB-31AADFF880E3}" = rport=1701 | protocol=17 | dir=out | app=system | 

"{BB105F2C-8126-465E-93DA-5C7A0A539CF9}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe | 

"{BBA33572-1F46-4940-AD2A-7E92EACF9C47}" = lport=443 | protocol=6 | dir=in | app=system | 

"{BC238477-5863-40B2-8627-D92B20251108}" = lport=1723 | protocol=6 | dir=in | app=system | 

"{CC213FFA-E55E-4124-B1D3-7C77A21ABDBC}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 | 

"{CDEEE1AE-A75C-42FB-A7D4-D9C653AA3817}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe | 

"{CE8A5665-CBD5-41CA-B54B-343E04389481}" = rport=1723 | protocol=6 | dir=out | app=system | 

"{D00FC308-E3F6-4E0B-9026-354F63261B0E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

"{D30A5C65-4E26-4B84-AC61-A618F56C0566}" = lport=1701 | protocol=17 | dir=in | app=system | 

"{D532D768-E3C1-49B2-8385-FC3466926B9C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

"{DA13C5CC-D5C9-4FAA-88FD-DC71AA66E5B0}" = rport=1723 | protocol=6 | dir=out | app=system | 

"{DA8DAB2D-9EB9-4AB9-9062-9ACD8D79DF86}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

"{DDB06745-1074-4680-8966-E440F4085599}" = lport=444 | protocol=6 | dir=in | name=tcp | 

"{F3284AAE-8B46-449D-ADA2-5E9B8B2D8BD6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{11A86574-B2EF-40A6-A8DB-4291401C0D33}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | 

"{1513A2F2-CC34-4542-BAB6-0AFC659928A5}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 

"{264192D0-CCAE-4547-AC01-F0BD57E30614}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 

"{27E69D9C-C0E0-4592-BB21-F4177EC327B7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{29B61AE6-2E0F-4717-9846-6C0374A0633D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{29EF98FD-65D0-4D7E-B8E4-D3758A94C65C}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe | 

"{2D4F6A15-FD04-4452-BAA6-2EB5D5A23ECB}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 

"{2DC430B8-5562-40C7-A80A-B1F41ADDCD6E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{39A6F247-2FEA-4CB1-AC7D-8D472B0EE890}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 

"{3C17D4CB-5446-40CD-A160-4B4BE29D4893}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{3CFAF864-3184-4FD9-8D85-87F4C84805F0}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 

"{50B00988-8DD0-43D8-B449-885D6938F828}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 

"{72CCD043-6681-499F-9FBE-02A2105B5B17}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe | 

"{77113BC9-401A-4607-909C-4944FD41D732}" = dir=in | app=c:\program files\checkpoint\ssl network extender\slimsvc.exe | 

"{7DF87AC0-CE97-45F2-84C4-5CF5D8590595}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{9B39141C-7ABC-4E52-A852-C2238DF642FE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{9C9BB4D7-B277-4409-9B63-ABD0E1A480AC}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe | 

"{B8A4F8B8-4C73-429E-88BB-F3543AC77BD2}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | 

"{C101EF96-9645-4CB8-8754-3AB282DD0C8F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{CD1D1B05-6E9E-43BE-9A5C-A727142CC4FF}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe | 

"{D7310273-E9FA-4EDF-9BAC-FA461E9E3705}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 

"{EF5EB82D-729F-451D-8559-C3D0F056A2BC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 

"TCP Query User{1C6CE6DF-44B7-4557-93BD-06BEAD16611E}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 

"TCP Query User{20FD014C-080E-4096-9399-EA2A908F45C5}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | 

"TCP Query User{24066CF6-A531-4E51-AEE1-4646192AD91B}C:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe" = protocol=6 | dir=in | app=c:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe | 

"TCP Query User{2D55CF2A-1BE5-46AA-A787-11363329FAB6}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"TCP Query User{33686BBA-AE17-4688-AAFB-68D0830A4D5E}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"TCP Query User{63F75D87-AED0-446B-9719-7F0E7ECEAD7E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"TCP Query User{6A8BFF60-7A33-4AB6-82BB-A040891CC940}C:\users\mario kronz\appdata\local\temp\snxac\staproxy.exe" = protocol=6 | dir=in | app=c:\users\mario kronz\appdata\local\temp\snxac\staproxy.exe | 

"TCP Query User{6CE83492-2802-4E66-9F0D-953495DF4BAF}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"TCP Query User{883CB8DF-7231-42D4-A5AE-7048B827CB31}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 

"TCP Query User{90A41E84-22AC-42A8-BEAC-5D859C99E529}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"TCP Query User{BF3CAD63-90BC-4B5C-BF75-B019A2898EC0}C:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe" = protocol=6 | dir=in | app=c:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe | 

"TCP Query User{F76F3B8F-C269-41CC-BA1C-36F8A92E216C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{2CAE6881-6161-445F-AD2B-601A13BA84D7}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"UDP Query User{3C496D91-9EA4-4353-AF71-8CF65CC6B035}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"UDP Query User{43BC948F-3991-453B-892F-66599D069D9A}C:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe" = protocol=17 | dir=in | app=c:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe | 

"UDP Query User{460E6A43-1260-4516-A622-C0477EF62AFA}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 

"UDP Query User{47DBF6FA-FBB0-496B-97D0-5E0D8448BA75}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{5021F75D-E89C-4532-AB1D-E7E6F146EEEC}C:\users\mario kronz\appdata\local\temp\snxac\staproxy.exe" = protocol=17 | dir=in | app=c:\users\mario kronz\appdata\local\temp\snxac\staproxy.exe | 

"UDP Query User{6E161C24-5BB2-4474-AD4B-219DFFD7B7AC}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"UDP Query User{8297D0D6-31CA-4AF5-9F6B-60825C45B8C2}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | 

"UDP Query User{C195DD04-F46F-4183-97DC-EFD62F488227}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 

"UDP Query User{C7060B08-7BA5-4F31-B073-762DDF545995}C:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe" = protocol=17 | dir=in | app=c:\users\mario kronz\appdata\local\temp\low\snxac\staproxy.exe | 

"UDP Query User{E1219FA8-DF3F-4CD7-BE4D-053855918352}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{FCFBB9E2-BBD5-4CD7-A9CB-1A0A5BFED0EF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent

"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix Online Plug-in (Web)

"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite

"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86

"{2284D904-C138-4B58-93EC-5C362AB5130A}" = Die Sims™ Lebensgeschichten

"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{244660F1-2D1E-4322-B4D8-873D89C64BF7}" = Fauna Marin Calcu DE

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 24

"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie

"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox

"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support

"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper

"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1

"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D356AA9-2D0C-4373-A762-B42F1A289233}" = MSCU for Microsoft Vista

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix Online Plug-in (USB)

"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F1DA6BF-3614-48A1-9970-9E90F646789E}" = Ulead Movie Wizard SE VCD

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5

"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI

"{65AA10FF-6F32-48AE-881F-FC96E7BF3A5E}" = ESU for Microsoft Vista

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix Online Plug-in (DV)

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{70B45586-B51E-4947-A258-A895596C5CED}" = Photo Loader 2.3G

"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4

"{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend

"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety

"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{a26ff7e0-a2d0-4453-aa12-14c8aeede90b}" = Check Point SSL Network Extender Service

"{A2C60BF1-82E3-493C-911D-14AD50471F2F}" = Rundum-Betrachter-innoPlus

"{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG  Küchenplaner

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A945BD16-4774-4A1F-96A7-118BEC004881}" = mCorev32.ism_new

"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch

"{AFA9D219-A7FD-4240-8793-E5C7C9D715F4}" = IKEA Home Planner

"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoPlus

"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007

"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant

"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software  1.10.13.1

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{ce68ca3b-2fc4-4104-9986-d4900ca651f0}" = Check Point SSL Network Extender Components Shell

"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library

"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer

"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint

"{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}" = mCPlug

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix Online Plug-in (HDX)

"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes

"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour

"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Windows-Treiberpaket - Nokia Modem  (10/12/2007 3.6)

"7-Zip" = 7-Zip 9.20

"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Windows-Treiberpaket - Nokia Modem  (08/03/2007 6.84.0.2)

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"AquaCalculator 2.x" = AquaCalculator 2.x

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)

"CCleaner" = CCleaner

"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web

"dm Fotowelt" = dm Fotowelt

"dm-Fotowelt" = dm-Fotowelt

"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)

"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Mediscript-CD Hammerexamen" = Mediscript-CD Hammerexamen

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)

"Nokia PC Suite" = Nokia PC Suite

"NSS" = Norton Security Scan

"NVIDIA Drivers" = NVIDIA Drivers

"Premiere Internet TV_is1" = Premiere Internet TV Version 1.2.3

"ProInst" = Intel(R) PROSet/Wireless Software

"ProtectDisc Driver" = ProtectDisc Helper Driver

"QPedia" = QPedia (remove only)

"SAIA FishSelector" = SAIA FishSelector

"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3

"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Trojan Remover_is1" = Trojan Remover 6.8.2

"WildTangent hp Master Uninstall" = My HP Games

"WinLiveSuite_Wave3" = Windows Live Essentials

"ZDFmediathek_is1" = ZDFmediathek Version 1.4.0

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 18.04.2011 09:19:00 | Computer Name = Privat | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 18.04.2011 09:19:00 | Computer Name = Privat | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 18.04.2011 09:19:00 | Computer Name = Privat | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 18.04.2011 09:19:00 | Computer Name = Privat | Source = Windows Search Service | ID = 3013

Description = 

 

Error - 18.04.2011 10:45:48 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 18.04.2011 10:45:48 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 15616

 

Error - 18.04.2011 10:45:48 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 15616

 

Error - 18.04.2011 11:09:06 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 18.04.2011 11:09:06 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1416021

 

Error - 18.04.2011 11:09:06 | Computer Name = Privat | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1416021

 

[ OSession Events ]

Error - 27.10.2010 01:46:24 | Computer Name = Privat | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 21.03.2011 12:12:32 | Computer Name = Privat | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3

 seconds with 0 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 17.04.2011 18:16:30 | Computer Name = Privat | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 17.04.2011 18:18:03 | Computer Name = Privat | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 18.04.2011 um 00:16:05 unerwartet heruntergefahren.

 

Error - 17.04.2011 18:19:12 | Computer Name = Privat | Source = Dhcp | ID = 1002

Description = Die IP-Adresslease 95.89.184.50 für die Netzwerkkarte mit der Netzwerkadresse

 001DE05DEAFF wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server

 hat eine DHCPNACK-Meldung gesendet).

 

Error - 17.04.2011 18:19:19 | Computer Name = Privat | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 18.04.2011 05:50:50 | Computer Name = Privat | Source = iaStor | ID = 262153

Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht

 geantwortet.

 

Error - 18.04.2011 11:09:17 | Computer Name = Privat | Source = Dhcp | ID = 1002

Description = Die IP-Adresslease 95.89.160.140 für die Netzwerkkarte mit der Netzwerkadresse

 001DE05DEAFF wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server

 hat eine DHCPNACK-Meldung gesendet).

 

Error - 19.04.2011 00:11:15 | Computer Name = Privat | Source = Dhcp | ID = 1000

Description = Die Lease dieses Computers zu der IP-Adresse 192.168.0.140 über die

 Netzwerkkarte mit der Netzwerkadresse 001DE05DEAFF ist verloren gegangen.

 

Error - 19.04.2011 11:56:48 | Computer Name = Privat | Source = DCOM | ID = 10005

Description = 

 

Error - 19.04.2011 11:56:48 | Computer Name = Privat | Source = Service Control Manager | ID = 7009

Description = 

 

Error - 19.04.2011 11:56:48 | Computer Name = Privat | Source = Service Control Manager | ID = 7000

Description = 

 

 

< End of report >

--- --- ---