Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Outlook store was opened on a different machine

Started by oliver09 , Sep 05 2010 11:53 AM

  • Please log in to reply
No replies to this topic

#1 oliver09

oliver09

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 05 September 2010 - 11:53 AM

Following the directions in the post ' Outlook.pst 'The store was last opened on a different machine'' from March this year I used ´the OTL toll to make a short scan on the system of my wife to precise the details of her system environment.

What I've done so far:

After Outlook (2007)tells me, that it can't startup, I'd run the virus scan of Norton with no results. After that, I've moved all archive and current *.pst files to an external device and connected this to another laptop. I've created on my personal laptop a new account, running the Outlook Wizard installation sequence and added sequentially all *.pst files to that outlook instance. Every repository(.pst) was read and embedded into Outlook without problems.

Every attempt to move the ´*.pst files from thei original location to a different location with starting up outlook to see what's happening remains in the unsatisfying message 'Outlook can't start. The outlook window cannot be opened.'.

So here are the results of OTL :

OTL.txt is saying:

OTL logfile created on: 05.09.2010 19:22:18 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.014,00 Mb Total Physical Memory | 380,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,04 Gb Total Space | 30,66 Gb Free Space | 43,16% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 66,88 Gb Free Space | 92,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TVW-LAP-04
Current User Name: Tanja Vosswinkel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Samsung\Samsung Update Plus\SUPNotifier.exe ()
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
PRC - C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe ()
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\MagicKBD\PerformanceManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\MagicKBD\MagicKBD.exe (SAMSUNG Electronics Co., Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
PRC - C:\Programme\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
PRC - C:\Programme\Samsung\Samsung Network Manager\SNMWLANService.exe ()


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Norton AntiVirus) -- C:\Programme\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SNM WLAN Service) -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SYMREDRV) -- C:\WINDOWS\System32\drivers\NAV\1000000.07D\SYMREDRV.SYS File not found
DRV - (SYMDNS) -- C:\WINDOWS\System32\drivers\NAV\1000000.07D\SYMDNS.SYS File not found
DRV - (SSPORT) -- C:\WINDOWS\System32\Drivers\SSPORT.sys File not found
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVENG.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100903.003\IDSXpx86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys (Symantec Corporation)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS (Symantec Corporation)
DRV - (SymIMMP) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (SymIM) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (VMC326) -- C:\WINDOWS\system32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (DNSeFilter) -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS (Samsung Electronics,.LTD)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (DOSMEMIO) -- C:\WINDOWS\system32\MEMIO.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\fiddlerhook@fiddler2.com: C:\Programme\Fiddler2\FiddlerHook [2010.04.07 00:11:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [3170 Scan2PC] C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Programme\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MagicKeyboard] C:\Programme\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SUPBackGround] C:\Programme\Samsung\Samsung Update Plus\SUPBackGround.exe ()
O4 - HKCU..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Programme\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programme\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programme\Fiddler2\Fiddler.exe (Eric Lawrence)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1237752126109 (MUWebControl Class)
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprin...geUploader6.cab (CeWe Color AG & Co. OHG Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\SamsungWallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\SamsungWallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.03 15:41:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7830d92e-c3b6-11de-a641-001377b33b11}\Shell\AutoRun\command - "" = E:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.05 19:14:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.04 07:39:58 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2010.09.04 07:38:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio
[2010.09.04 07:28:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.09.03 23:36:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Malwarebytes
[2010.09.03 23:36:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.03 23:36:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.03 23:36:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.03 23:36:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.11 11:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Google
[2010.08.11 11:49:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.05 19:24:02 | 000,001,252 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005UA.job
[2010.09.05 19:19:00 | 000,001,244 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006UA.job
[2010.09.05 19:19:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006Core.job
[2010.09.05 19:15:52 | 007,864,320 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\NTUSER.DAT
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.05 18:49:02 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.05 18:27:29 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.05 18:20:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.05 18:20:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.05 18:19:32 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\ntuser.ini
[2010.09.05 18:12:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.04 08:44:47 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.04 08:44:23 | 001,078,984 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.04 08:44:23 | 000,477,304 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.04 08:44:23 | 000,091,304 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.04 08:05:53 | 1950,368,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Outlook.pst
[2010.09.04 07:51:29 | 2775,712,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Archive-V-Welten.pst
[2010.09.04 07:51:29 | 1983,382,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\archive.pst
[2010.09.04 07:49:58 | 000,074,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.04 07:46:19 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.04 07:30:15 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.03 23:36:27 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 23:05:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.03 23:05:07 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.03 23:05:07 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.03 01:33:00 | 008,574,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\V-Welten-2010.QBW
[2010.09.03 00:28:41 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.09.02 15:24:01 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005Core.job
[2010.08.21 10:26:06 | 000,002,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Google Chrome.lnk
[2010.08.12 22:19:08 | 000,007,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.11 11:48:35 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.04 08:44:47 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.03 23:36:27 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 00:28:41 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.08.11 11:48:35 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.08.11 11:44:26 | 000,001,108 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.11 11:44:25 | 000,001,104 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.17 23:00:01 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.12.05 22:06:17 | 000,011,041 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThruOptions.xml
[2009.12.05 22:05:39 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2009.12.05 22:05:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SamFaxPort.dll
[2009.12.05 22:05:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2009.12.05 22:05:03 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2009.12.05 22:01:21 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2009.12.05 22:01:21 | 000,138,240 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2009.12.05 22:01:21 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll
[2009.12.05 22:01:20 | 000,139,776 | ---- | C] () -- C:\WINDOWS\System32\SaXPEH.dll
[2009.12.05 22:01:20 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll
[2009.12.05 22:00:57 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sst1cl3.dll
[2009.11.17 17:13:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2009.11.17 17:11:26 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2009.11.17 17:09:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2009.11.17 17:09:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2009.06.26 00:18:23 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.04.15 14:09:49 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.08 17:34:51 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Oliver Fischer_KBD.ini
[2009.01.16 21:36:06 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Tanja Vosswinkel_KBD.ini
[2008.12.18 13:04:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.11.03 23:21:17 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.11.03 15:54:04 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2008.11.03 15:54:04 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Besitzer_KBD.ini
[2008.11.03 15:54:02 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2008.11.03 15:54:02 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2008.11.03 15:54:02 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2008.11.03 15:54:01 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2008.11.03 15:54:01 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2008.11.03 15:54:01 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2008.11.03 15:54:01 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2008.11.03 15:54:01 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2008.11.03 15:54:01 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2008.11.03 15:54:01 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2008.11.03 15:54:01 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2008.11.03 15:54:01 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2008.11.03 15:54:01 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2008.11.03 15:54:01 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2008.11.03 15:54:01 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2008.11.03 15:54:01 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2008.11.03 15:54:01 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2008.11.03 15:51:47 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2008.11.03 15:51:47 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2008.11.03 15:48:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2008.11.03 15:45:46 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2008.05.26 22:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.06.27 09:00:00 | 011,206,656 | ---- | C] () -- C:\WINDOWS\System32\ZHHP_RES.DLL
[2007.06.27 09:00:00 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGISSI.DLL

========== LOP Check ==========

[2009.03.28 16:36:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.12.17 23:00:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonCP
[2009.10.23 13:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ComPlus Applications
[2010.01.18 23:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010.07.28 21:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2010.05.12 10:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache
[2009.03.22 13:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.11.03 15:49:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLAN
[2010.01.27 18:47:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\7-PDFMaker
[2010.07.28 21:20:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\DataDesign
[2010.07.28 21:54:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Lexware
[2009.04.27 22:02:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Nokia
[2009.03.22 13:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\PC Suite
[2009.08.21 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\pdfforge
[2009.06.26 00:56:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Search Settings
[2009.12.05 22:06:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThru4
[2010.09.04 08:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Desktop Search
[2009.03.22 14:53:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009.01.16 21:34:42 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.03.17 16:16:30 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.09.05 18:20:28 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008.11.24 11:16:27 | 000,000,159 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2006.04.18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006.06.29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.06.29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008.11.03 15:40:54 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006.04.23 22:00:00 | 000,022,528 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD85.DLL
[2006.04.23 22:00:00 | 000,065,024 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP85.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2007.08.14 03:00:28 | 000,019,968 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\sst1cpc.dll
[2007.06.27 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\zIMFPRNT.DLL

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2007.02.26 17:49:10 | 001,744,896 | ---- | M] (TopThinks, INC.) -- C:\WINDOWS\imagine digital freedom.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008.11.03 16:32:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.11.03 16:32:46 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.11.03 16:32:45 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008.11.03 15:46:02 | 000,000,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2009.01.16 21:35:45 | 000,000,124 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-05 16:18:48
< End of report >
PRC - C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Samsung\Samsung Update Plus\SUPNotifier.exe ()
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
PRC - C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe ()
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\MagicKBD\PerformanceManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\MagicKBD\MagicKBD.exe (SAMSUNG Electronics Co., Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
PRC - C:\Programme\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
PRC - C:\Programme\Samsung\Samsung Network Manager\SNMWLANService.exe ()


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Norton AntiVirus) -- C:\Programme\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SNM WLAN Service) -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SYMREDRV) -- C:\WINDOWS\System32\drivers\NAV\1000000.07D\SYMREDRV.SYS File not found
DRV - (SYMDNS) -- C:\WINDOWS\System32\drivers\NAV\1000000.07D\SYMDNS.SYS File not found
DRV - (SSPORT) -- C:\WINDOWS\System32\Drivers\SSPORT.sys File not found
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVENG.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100903.003\IDSXpx86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\ccHPx86.sys (Symantec Corporation)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SRTSP.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\BHDrvx86.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NAV\1008000.029\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS (Symantec Corporation)
DRV - (SymIMMP) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (SymIM) -- C:\WINDOWS\system32\drivers\SymIM.sys (Symantec Corporation)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (VMC326) -- C:\WINDOWS\system32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (DNSeFilter) -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS (Samsung Electronics,.LTD)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (DOSMEMIO) -- C:\WINDOWS\system32\MEMIO.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\fiddlerhook@fiddler2.com: C:\Programme\Fiddler2\FiddlerHook [2010.04.07 00:11:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [3170 Scan2PC] C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Programme\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MagicKeyboard] C:\Programme\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SUPBackGround] C:\Programme\Samsung\Samsung Update Plus\SUPBackGround.exe ()
O4 - HKCU..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Programme\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programme\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programme\Fiddler2\Fiddler.exe (Eric Lawrence)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1237752126109 (MUWebControl Class)
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprin...geUploader6.cab (CeWe Color AG & Co. OHG Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\SamsungWallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\SamsungWallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.03 15:41:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7830d92e-c3b6-11de-a641-001377b33b11}\Shell\AutoRun\command - "" = E:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.05 19:14:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.04 07:39:58 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2010.09.04 07:38:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio
[2010.09.04 07:28:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.09.03 23:36:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Malwarebytes
[2010.09.03 23:36:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.03 23:36:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.03 23:36:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.03 23:36:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.11 11:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Google
[2010.08.11 11:49:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.05 19:24:02 | 000,001,252 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005UA.job
[2010.09.05 19:19:00 | 000,001,244 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006UA.job
[2010.09.05 19:19:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006Core.job
[2010.09.05 19:15:52 | 007,864,320 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\NTUSER.DAT
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.05 18:49:02 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.05 18:27:29 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.05 18:20:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.05 18:20:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.05 18:19:32 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\ntuser.ini
[2010.09.05 18:12:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.04 08:44:47 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.04 08:44:23 | 001,078,984 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.04 08:44:23 | 000,477,304 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.04 08:44:23 | 000,091,304 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.04 08:05:53 | 1950,368,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Outlook.pst
[2010.09.04 07:51:29 | 2775,712,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Archive-V-Welten.pst
[2010.09.04 07:51:29 | 1983,382,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\archive.pst
[2010.09.04 07:49:58 | 000,074,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.04 07:46:19 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.04 07:30:15 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.03 23:36:27 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 23:05:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.03 23:05:07 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.03 23:05:07 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.03 01:33:00 | 008,574,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\V-Welten-2010.QBW
[2010.09.03 00:28:41 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.09.02 15:24:01 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005Core.job
[2010.08.21 10:26:06 | 000,002,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Google Chrome.lnk
[2010.08.12 22:19:08 | 000,007,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.11 11:48:35 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.04 08:44:47 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.03 23:36:27 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 00:28:41 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.08.11 11:48:35 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.08.11 11:44:26 | 000,001,108 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.11 11:44:25 | 000,001,104 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.17 23:00:01 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.12.05 22:06:17 | 000,011,041 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThruOptions.xml
[2009.12.05 22:05:39 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2009.12.05 22:05:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SamFaxPort.dll
[2009.12.05 22:05:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2009.12.05 22:05:03 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2009.12.05 22:01:21 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2009.12.05 22:01:21 | 000,138,240 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2009.12.05 22:01:21 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll
[2009.12.05 22:01:20 | 000,139,776 | ---- | C] () -- C:\WINDOWS\System32\SaXPEH.dll
[2009.12.05 22:01:20 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll
[2009.12.05 22:00:57 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sst1cl3.dll
[2009.11.17 17:13:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2009.11.17 17:11:26 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2009.11.17 17:09:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2009.11.17 17:09:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2009.06.26 00:18:23 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.04.15 14:09:49 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.08 17:34:51 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Oliver Fischer_KBD.ini
[2009.01.16 21:36:06 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Tanja Vosswinkel_KBD.ini
[2008.12.18 13:04:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.11.03 23:21:17 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.11.03 15:54:04 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2008.11.03 15:54:04 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Besitzer_KBD.ini
[2008.11.03 15:54:02 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2008.11.03 15:54:02 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2008.11.03 15:54:02 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2008.11.03 15:54:01 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2008.11.03 15:54:01 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2008.11.03 15:54:01 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2008.11.03 15:54:01 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2008.11.03 15:54:01 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2008.11.03 15:54:01 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2008.11.03 15:54:01 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2008.11.03 15:54:01 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2008.11.03 15:54:01 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2008.11.03 15:54:01 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2008.11.03 15:54:01 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2008.11.03 15:54:01 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2008.11.03 15:54:01 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2008.11.03 15:54:01 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2008.11.03 15:51:47 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2008.11.03 15:51:47 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2008.11.03 15:48:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2008.11.03 15:45:46 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2008.05.26 22:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.06.27 09:00:00 | 011,206,656 | ---- | C] () -- C:\WINDOWS\System32\ZHHP_RES.DLL
[2007.06.27 09:00:00 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGISSI.DLL

========== LOP Check ==========

[2009.03.28 16:36:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.12.17 23:00:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonCP
[2009.10.23 13:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ComPlus Applications
[2010.01.18 23:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010.07.28 21:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2010.05.12 10:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache
[2009.03.22 13:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.11.03 15:49:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLAN
[2010.01.27 18:47:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\7-PDFMaker
[2010.07.28 21:20:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\DataDesign
[2010.07.28 21:54:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Lexware
[2009.04.27 22:02:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Nokia
[2009.03.22 13:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\PC Suite
[2009.08.21 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\pdfforge
[2009.06.26 00:56:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Search Settings
[2009.12.05 22:06:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThru4
[2010.09.04 08:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Desktop Search
[2009.03.22 14:53:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009.01.16 21:34:42 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.03.17 16:16:30 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.09.05 18:20:28 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008.11.24 11:16:27 | 000,000,159 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2006.04.18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006.06.29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.06.29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008.11.03 15:40:54 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006.04.23 22:00:00 | 000,022,528 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD85.DLL
[2006.04.23 22:00:00 | 000,065,024 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP85.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2007.08.14 03:00:28 | 000,019,968 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\sst1cpc.dll
[2007.06.27 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\zIMFPRNT.DLL

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2007.02.26 17:49:10 | 001,744,896 | ---- | M] (TopThinks, INC.) -- C:\WINDOWS\imagine digital freedom.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008.11.03 16:32:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.11.03 16:32:46 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.11.03 16:32:45 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008.11.03 15:46:02 | 000,000,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2009.01.16 21:35:45 | 000,000,124 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-05 16:18:48

< End of report >
[2010.09.05 19:27:34 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\ntuser.dat.LOG
[2010.09.05 19:27:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop
[2010.09.05 19:26:45 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Cookies
[2010.09.05 19:24:02 | 000,001,252 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005UA.job
[2010.09.05 19:19:00 | 000,001,244 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006UA.job
[2010.09.05 19:19:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006Core.job
[2010.09.05 19:15:52 | 007,864,320 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\NTUSER.DAT
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.05 18:49:02 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.05 18:32:18 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Recent
[2010.09.05 18:27:29 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.05 18:20:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.05 18:20:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.05 18:20:27 | 000,000,000 | ---D | M] -- C:\Programme\Windows Desktop Search
[2010.09.05 18:19:32 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\ntuser.ini
[2010.09.05 18:12:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.04 08:44:57 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2010.09.04 08:44:51 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten
[2010.09.04 08:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Desktop Search
[2010.09.04 08:44:47 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.04 08:44:23 | 001,078,984 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.04 08:44:23 | 000,477,304 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.04 08:44:23 | 000,091,304 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.04 08:05:53 | 1950,368,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Outlook.pst
[2010.09.04 08:05:53 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien
[2010.09.04 07:51:29 | 2775,712,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Archive-V-Welten.pst
[2010.09.04 07:51:29 | 1983,382,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\archive.pst
[2010.09.04 07:49:58 | 000,074,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.04 07:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
[2010.09.04 07:40:28 | 000,000,000 | ---D | M] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2010.09.04 07:39:58 | 000,000,000 | ---D | M] -- C:\Programme\Gemeinsame Dateien
[2010.09.04 07:39:58 | 000,000,000 | ---D | M] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2010.09.04 07:39:40 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Works
[2010.09.04 07:38:59 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Visual Studio
[2010.09.04 07:30:15 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.04 07:30:14 | 000,000,000 | ---D | M] -- C:\Programme\Gemeinsame Dateien\System
[2010.09.03 23:36:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Malwarebytes
[2010.09.03 23:36:28 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.03 23:36:27 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 23:36:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2010.09.03 23:36:22 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2010.09.03 23:36:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.03 23:14:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.09.03 23:05:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.03 23:05:07 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.03 23:05:07 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.03 01:33:00 | 008,574,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\V-Welten-2010.QBW
[2010.09.03 00:28:41 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.09.02 15:24:01 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005Core.job
[2010.08.27 21:36:31 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Favoriten
[2010.08.21 10:26:06 | 000,002,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Google Chrome.lnk
[2010.08.21 10:24:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\Temp
[2010.08.13 22:06:35 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer
[2010.08.13 22:05:21 | 000,000,000 | ---D | M] -- C:\Programme\Movie Maker
[2010.08.12 22:19:08 | 000,007,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.11 11:49:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\Google
[2010.08.11 11:49:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Google
[2010.08.11 11:49:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[2010.08.11 11:48:35 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.08.11 11:48:04 | 000,000,000 | ---D | M] -- C:\Programme\Google
[2010.08.11 11:44:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2010.02.03 19:14:50 | 005,365,300 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2009.12.05 22:06:20 | 000,011,041 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThruOptions.xml
[2008.11.03 15:33:43 | 000,000,062 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\desktop.ini
[2008.11.03 15:33:43 | 000,000,062 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini

========== Files - Modified Within 30 Days ==========

[2010.09.05 19:24:02 | 000,001,252 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005UA.job
[2010.09.05 19:19:00 | 000,001,244 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006UA.job
[2010.09.05 19:19:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1006Core.job
[2010.09.05 19:15:52 | 007,864,320 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\NTUSER.DAT
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe
[2010.09.05 18:49:02 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.05 18:27:29 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.05 18:20:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.05 18:20:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.05 18:19:32 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\ntuser.ini
[2010.09.05 18:12:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.04 08:44:47 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
[2010.09.04 08:44:23 | 001,078,984 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.04 08:44:23 | 000,477,304 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.09.04 08:44:23 | 000,091,304 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.09.04 08:05:53 | 1950,368,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Outlook.pst
[2010.09.04 07:51:29 | 2775,712,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\Archive-V-Welten.pst
[2010.09.04 07:51:29 | 1983,382,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\archive.pst
[2010.09.04 07:49:58 | 000,074,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.09.04 07:46:19 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.04 07:30:15 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.03 23:36:27 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.03 23:05:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.03 23:05:07 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.03 23:05:07 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.03 01:33:00 | 008,574,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Eigene Dateien\V-Welten-2010.QBW
[2010.09.03 00:28:41 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung (2) mit A&usführen....lnk
[2010.09.03 00:24:36 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Verknüpfung mit A&usführen....lnk
[2010.09.02 15:24:01 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3948673213-278053644-3035829693-1005Core.job
[2010.08.21 10:26:06 | 000,002,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\Google Chrome.lnk
[2010.08.12 22:19:08 | 000,007,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.11 11:48:35 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== LOP Check ==========

[2009.03.28 16:36:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.12.17 23:00:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonCP
[2009.10.23 13:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ComPlus Applications
[2010.01.18 23:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010.07.28 21:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2010.05.12 10:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache
[2009.03.22 13:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.11.03 15:49:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WLAN
[2010.01.27 18:47:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\7-PDFMaker
[2010.07.28 21:20:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\DataDesign
[2010.07.28 21:54:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Lexware
[2009.04.27 22:02:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Nokia
[2009.03.22 13:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\PC Suite
[2009.08.21 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\pdfforge
[2009.06.26 00:56:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Search Settings
[2009.12.05 22:06:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\SmarThru4
[2010.09.04 08:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Desktop Search
[2009.03.22 14:53:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009.01.16 21:34:42 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2008.11.03 15:41:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.03.17 16:16:30 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt
[2010.09.05 18:20:29 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.11.03 15:41:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.09.05 18:20:28 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2008.11.24 11:16:27 | 000,000,159 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2006.04.18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006.06.29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.06.29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008.11.03 15:40:54 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006.04.23 22:00:00 | 000,022,528 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD85.DLL
[2006.04.23 22:00:00 | 000,065,024 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP85.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2007.08.14 03:00:28 | 000,019,968 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\sst1cpc.dll
[2007.06.27 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\zIMFPRNT.DLL

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2007.02.26 17:49:10 | 001,744,896 | ---- | M] (TopThinks, INC.) -- C:\WINDOWS\imagine digital freedom.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008.11.03 16:32:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.11.03 16:32:46 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.11.03 16:32:45 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008.11.03 15:46:02 | 000,000,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2009.01.16 21:35:45 | 000,000,124 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010.09.05 19:15:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-05 16:18:48

< End of report >

Extras.txt is saying:

OTL Extras logfile created on: 05.09.2010 19:22:18 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Dokumente und Einstellungen\Tanja Vosswinkel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.014,00 Mb Total Physical Memory | 380,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,04 Gb Total Space | 30,66 Gb Free Space | 43,16% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 66,88 Gb Free Space | 92,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TVW-LAP-04
Current User Name: Tanja Vosswinkel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BUDNI Fotowelt] -- "C:\Programme\BUDNI Fotowelt\BUDNI Fotowelt\BUDNI Fotowelt.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Programme\BUDNI Fotowelt\BUDNI Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\twain_32\Samsung\ScanMgr.exe" = C:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger -- (Samsung Electronics)
"C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe:*:Enabled:ScanToPC -- ()
"C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe:*:Enabled:SScanToIO -- ()
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}" = Lexware Abschreibungsrechner
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43034BED-DF67-4CC8-8D13-D18B0298F402}" = Lexware büro easy 2011
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5CBB720F-08E6-4043-B83F-76C277AF6DE7}" = Samsung Wallpaper
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABB14904-A11B-4F42-996C-80FD608A0F17}" = Samsung EDS
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C8E00BC8-D619-4081-813A-6B5BCC846534}" = Lexware Elster
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F6995FC4-2D91-4169-B3C4-7C51B7123902}" = Lexware online banking
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-PDF Maker_is1" = 7-PDF Maker Version 1.0.4
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"BUDNI Fotowelt" = BUDNI Fotowelt
"Canon SELPHY CP750" = Canon SELPHY CP750
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1)
"Fiddler2" = Fiddler2
"FKC22153088_is1" = fotokasten comfort
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"InstallShield_{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NAV" = Norton AntiVirus
"Nokia PC Suite" = Nokia PC Suite
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"Samsung CLX-3170 Series" = Samsung CLX-3170 Series
"SmarThru PC Fax" = SmarThru PC Fax
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02.09.2010 18:53:14 | Computer Name = TVW-LAP-04 | Source = QuickBooks | ID = 0
Description = Die Datei capicom.dll wurde verändert. Installieren Sie das Programm
neu!

Error - 02.09.2010 19:18:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 03.09.2010 13:38:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:40:24 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:43:08 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:17 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:59 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 17:04:11 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 04.09.2010 02:49:25 | Computer Name = TVW-LAP-04 | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Windows Anwendung, SystemIndex Katalog

[ Application Events ]
Error - 02.09.2010 18:53:14 | Computer Name = TVW-LAP-04 | Source = QuickBooks | ID = 0
Description = Die Datei capicom.dll wurde verändert. Installieren Sie das Programm
neu!

Error - 02.09.2010 19:18:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 03.09.2010 13:38:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:40:24 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:43:08 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:17 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:59 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 17:04:11 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 04.09.2010 02:49:25 | Computer Name = TVW-LAP-04 | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Windows Anwendung, SystemIndex Katalog

[ OSession Events ]
Error - 25.06.2009 07:32:56 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 8836 seconds with 1020 seconds of active time. This session ended with a
crash.

Error - 07.04.2010 08:36:55 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16308
seconds with 5580 seconds of active time. This session ended with a crash.

Error - 16.05.2010 16:37:13 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 756
seconds with 420 seconds of active time. This session ended with a crash.

Error - 03.07.2010 19:02:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2444
seconds with 120 seconds of active time. This session ended with a crash.

Error - 02.09.2010 18:29:52 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9002
seconds with 420 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 04.09.2010 01:49:33 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst Norton AntiVirus.

Error - 04.09.2010 01:49:36 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 04.09.2010 02:54:40 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 04.09.2010 02:54:40 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:12:53 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:12:53 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:16:09 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:20:45 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:20:45 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:27:52 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BUDNI Fotowelt] -- "C:\Programme\BUDNI Fotowelt\BUDNI Fotowelt\BUDNI Fotowelt.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Programme\BUDNI Fotowelt\BUDNI Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\twain_32\Samsung\ScanMgr.exe" = C:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger -- (Samsung Electronics)
"C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe:*:Enabled:ScanToPC -- ()
"C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe" = C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe:*:Enabled:SScanToIO -- ()
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}" = Lexware Abschreibungsrechner
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43034BED-DF67-4CC8-8D13-D18B0298F402}" = Lexware büro easy 2011
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5CBB720F-08E6-4043-B83F-76C277AF6DE7}" = Samsung Wallpaper
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABB14904-A11B-4F42-996C-80FD608A0F17}" = Samsung EDS
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C8E00BC8-D619-4081-813A-6B5BCC846534}" = Lexware Elster
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F6995FC4-2D91-4169-B3C4-7C51B7123902}" = Lexware online banking
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-PDF Maker_is1" = 7-PDF Maker Version 1.0.4
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"BUDNI Fotowelt" = BUDNI Fotowelt
"Canon SELPHY CP750" = Canon SELPHY CP750
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1)
"Fiddler2" = Fiddler2
"FKC22153088_is1" = fotokasten comfort
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus
"InstallShield_{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735}" = Samsung Network Manager 2.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NAV" = Norton AntiVirus
"Nokia PC Suite" = Nokia PC Suite
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"Samsung CLX-3170 Series" = Samsung CLX-3170 Series
"SmarThru PC Fax" = SmarThru PC Fax
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02.09.2010 18:53:14 | Computer Name = TVW-LAP-04 | Source = QuickBooks | ID = 0
Description = Die Datei capicom.dll wurde verändert. Installieren Sie das Programm
neu!

Error - 02.09.2010 19:18:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 03.09.2010 13:38:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:40:24 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:43:08 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:17 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:59 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 17:04:11 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 04.09.2010 02:49:25 | Computer Name = TVW-LAP-04 | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Windows Anwendung, SystemIndex Katalog

[ Application Events ]
Error - 02.09.2010 18:53:14 | Computer Name = TVW-LAP-04 | Source = QuickBooks | ID = 0
Description = Die Datei capicom.dll wurde verändert. Installieren Sie das Programm
neu!

Error - 02.09.2010 19:18:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.

Error - 03.09.2010 13:38:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:40:24 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:43:08 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:17 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:52 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 13:46:59 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 03.09.2010 17:04:11 | Computer Name = TVW-LAP-04 | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 04.09.2010 02:49:25 | Computer Name = TVW-LAP-04 | Source = Windows Search Service | ID = 3024
Description = Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf
die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung
erneut. Kontext: Windows Anwendung, SystemIndex Katalog

[ OSession Events ]
Error - 25.06.2009 07:32:56 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 8836 seconds with 1020 seconds of active time. This session ended with a
crash.

Error - 07.04.2010 08:36:55 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16308
seconds with 5580 seconds of active time. This session ended with a crash.

Error - 16.05.2010 16:37:13 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 756
seconds with 420 seconds of active time. This session ended with a crash.

Error - 03.07.2010 19:02:37 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2444
seconds with 120 seconds of active time. This session ended with a crash.

Error - 02.09.2010 18:29:52 | Computer Name = TVW-LAP-04 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9002
seconds with 420 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 04.09.2010 01:49:33 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst Norton AntiVirus.

Error - 04.09.2010 01:49:36 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 04.09.2010 02:54:40 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 04.09.2010 02:54:40 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:12:53 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:12:53 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:16:09 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:20:45 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 05.09.2010 12:20:45 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 05.09.2010 12:27:52 | Computer Name = TVW-LAP-04 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20


< End of report >

Sincerely an all help is appreciated

Olli

    Advertisements

Register to Remove

Related Topics

Back to Microsoft Office™ · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Software
  3. Microsoft Office™
  4. Privacy Policy
  5. Terms of Use ·