Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black screen at start up


  • This topic is locked This topic is locked
38 replies to this topic

#1 bivels

bivels

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 08 January 2012 - 11:08 AM

Hi,

When my computer starts up, there is nothing but a black screen for approx. two minutes until the Welcome screen appears. Hence, I cannot get into Safe Mode. Also, the computer in general is very slow.

At start up I get the message "CNYHKey.exe - Component not found. The application couldn't be started, because HKCYDLL.dll couldn't be found."

I've followed Broni's instructions to start the "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help", but dds.scr freezes the computer and gmer crashes. So, unfortunately, I cannot post any of the requested logs here.

For further information, please refer to previous thread http://www.bleepingcomputer.com/forums/topic433903.html/page__st__15__gopid__2541954#entry2541954.

Edited by bivels, 08 January 2012 - 11:09 AM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 13 January 2012 - 03:04 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 07:01 AM

Hello myrti,

Thank you for your reply.

I'm using Windows Version 5.1, XP Home Edition, Version 2002, SP 3. It's a 32bit system. I don't have the Windows CD handy.

The first problem I'm having is that on start up I only have a black screen until the Windows Welcome screen comes up. Hence I can't get into Safe Mode, run Avast in Boot mode, or anything.

The second problem is that the machine is very slow.

So far, I have followed all of Broni's instructions in this thread http://www.bleepingcomputer.com/forums/topic433903.html/page__p__2519889__fromsearch__1#entry2519889.

Unfortunately, OTL freezes during the "Scanning modules" process.

Kind Regards,

bivels

#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 14 January 2012 - 08:33 AM

Hi,

please try running DDS instead then:
Please run a scan with DDS:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
    DDS.scr
    DDS.pif
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.


Information on A/V control HERE

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 12:03 PM

Hi,

dds freezes my computer at about two thirds through. I then have to switch the machine off manually and restart. I had disabled my A/V and internet, but still no joy.

Kind Regards,

bivels

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 14 January 2012 - 12:14 PM

Hi,

ok..

In that case please try OTL again, but set the check on "None" for modules and let me know if it finishes.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 12:54 PM

Hi,

This worked:

OTL.Txt

OTL logfile created on: 14.01.2012 18:29:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Botel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,28% Memory free
4,84 Gb Paging File | 3,48 Gb Available in Paging File | 71,82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,66 Gb Total Space | 56,29 Gb Free Space | 57,64% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 30,56 Gb Free Space | 31,30% Space Free | Partition Type: NTFS
Drive E: | 9,76 Gb Total Space | 3,85 Gb Free Space | 39,47% Space Free | Partition Type: FAT32
Drive G: | 3,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 260,68 Gb Total Space | 246,79 Gb Free Space | 94,67% Space Free | Partition Type: NTFS

Computer Name: MEDION | User Name: Botel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.14 12:48:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Botel\Desktop\OTL.exe
PRC - [2011.12.21 08:42:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.12.14 11:22:58 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\program files\real\realplayer\Update\realsched.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.08.19 13:41:26 | 003,618,104 | ---- | M] (brother) -- C:\Programme\Brownie\BrStsWnd.exe
PRC - [2009.05.20 06:33:50 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.EXE
PRC - [2008.12.09 17:40:16 | 000,464,264 | ---- | M] () -- C:\Programme\AskBarDis\bar\bin\AskService.exe
PRC - [2008.12.09 17:40:16 | 000,234,888 | ---- | M] () -- C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2008.10.17 15:52:16 | 000,099,632 | ---- | M] (brother) -- C:\Programme\Brownie\brpjp04a.exe
PRC - [2008.05.27 16:25:34 | 000,053,248 | ---- | M] (HP) -- C:\Programme\Hewlett-Packard\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.14 20:17:32 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2007.10.14 19:38:52 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2007.05.15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007.04.25 21:05:34 | 000,311,296 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2007.04.19 13:35:46 | 000,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2007.02.14 05:34:26 | 000,036,864 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP UT\bin\hppusg.exe
PRC - [2005.10.12 14:44:08 | 000,241,664 | ---- | M] () -- C:\WINDOWS\system32\CmUCREye.exe
PRC - [2005.07.29 13:13:52 | 000,638,976 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
PRC - [2005.07.08 05:55:00 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2005.04.21 14:56:58 | 000,391,680 | ---- | M] (RTX Products A/S) -- C:\Programme\Cordless USB Phone\Cordless DUALphone Suite.exe
PRC - [2004.12.08 17:57:36 | 000,550,912 | ---- | M] () -- C:\WINDOWS\mHotkey.exe
PRC - [2004.11.04 15:38:23 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (AcrSch2Svc)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.12.09 17:40:16 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Programme\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008.12.09 17:40:16 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.11.04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.11.06 20:16:54 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007.11.06 20:16:54 | 000,139,264 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007.05.15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007.05.08 19:47:22 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.19 13:35:46 | 000,075,304 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004.11.04 15:38:23 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.05.04 16:22:54 | 005,075,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.03.25 13:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.02.25 18:58:56 | 000,017,432 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2009.02.25 18:58:56 | 000,017,432 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPEWSFXBULK)
DRV - [2008.08.05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007.05.15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007.05.15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007.05.15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006.01.04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.06 11:16:00 | 000,826,752 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005.10.04 18:37:54 | 000,072,320 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmiucr.SYS -- (CMISTOR)
DRV - [2005.07.14 20:58:38 | 000,241,536 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (RT2500USB)
DRV - [2005.06.30 12:16:00 | 001,094,848 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.05.19 15:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2000.07.24 00:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E 12 43 9B 32 5E CB 01 [binary data]
IE - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1757981266-343818398-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.01.06 15:15:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.05 12:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.14 17:55:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.12.14 11:24:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Programme\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Programme\BullGuard Ltd\BullGuard\antispam\tbspamfilter

[2011.06.06 12:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Extensions
[2011.06.06 12:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.18 16:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Extensions\celtx@celtx.com
[2012.01.06 12:26:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions
[2010.05.07 11:20:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.04 08:53:45 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2012.01.06 12:26:14 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011.03.20 12:33:22 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.03.27 16:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\engine@conduit.com
[2011.12.28 16:02:28 | 000,000,000 | ---D | M] ("PAYBACK Toolbar") -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\38qi4g9n.default\extensions\toolbar-ff@payback.de
[2010.10.27 13:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\ar8h6yc4.default\extensions
[2010.10.27 13:37:28 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\ar8h6yc4.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2008.11.03 20:21:53 | 000,000,000 | ---D | M] (Tab Mix Plus) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\ar8h6yc4.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.10.27 13:37:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\khz40mmd.default\extensions
[2010.10.27 13:37:29 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Mozilla\Firefox\Profiles\khz40mmd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012.01.06 17:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.03.30 12:31:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.01.06 17:18:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.01.06 17:18:03 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = http://www.google.de/search?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\8.0.552.237\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\8.0.552.237\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\8.0.552.237\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\

O1 HOSTS File: ([2012.01.02 09:25:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Programme\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BrStsWnd] C:\Programme\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe ()
O4 - HKLM..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCREye.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHUPD05] C:\Programme\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe ()
O4 - HKLM..\Run: [HPPQVideo] "C:\Programme\Hewlett-Packard\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater File not found
O4 - HKLM..\Run: [HPUsageTracking] C:\Programme\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [ledpointer] C:\WINDOWS\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Showwnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\Hewlett-Packard\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [UDC Integration] File not found
O4 - HKU\S-1-5-21-1757981266-343818398-682003330-1004..\Run: [InternetCalls] "C:\Programme\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Cordless DUALphone Startup.lnk = C:\Programme\Cordless USB Phone\Cordless DUALphone Suite.exe (RTX Products A/S)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk = C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk = C:\Programme\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O15 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..Trusted Domains: ebay.de ([www] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1757981266-343818398-682003330-1004\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB (Hewlett-Packard Printer Diagnostics)
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.com/Aurigma/ImageUploader57.cab (Auctiva Image Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225720593062 (WUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34040F00-4BCE-4C26-A18A-FF127ECA7BC1}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.03 14:34:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Cordless DUALphone Startup.lnk - C:\Programme\Cordless USB Phone\Cordless DUALphone Suite.exe - (RTX Products A/S)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinZip Quick Pick.lnk - C:\Programme\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.)
MsConfig - StartUpReg: Aim - hkey= - key= - File not found
MsConfig - StartUpReg: DriverCure - hkey= - key= - File not found
MsConfig - StartUpReg: InCD - hkey= - key= - C:\Programme\Nero\Nero 7\InCD\InCD.exe (Nero AG)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: OpwareSE2 - hkey= - key= - C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: SecurDisc - hkey= - key= - C:\Programme\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
MsConfig - StartUpReg: Vidalia - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012.01.14 17:33:56 | 000,607,260 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Botel\Desktop\dds(2).scr
[2012.01.14 12:49:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Botel\Desktop\OTL.exe
[2012.01.06 18:51:27 | 004,704,768 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Botel\Desktop\aswMBR.exe
[2012.01.06 17:18:27 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.01.06 17:18:12 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.06 17:18:12 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.06 17:18:12 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.01.06 17:18:12 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.01.06 15:15:35 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.01.06 15:15:35 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.01.06 15:15:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.01.06 15:15:33 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.01.06 15:15:33 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.01.06 15:15:32 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.01.06 15:15:32 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.01.06 15:15:32 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.01.06 15:15:31 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.01.06 15:15:19 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.01.06 15:15:19 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.01.06 13:04:14 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.01.06 13:04:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.01.04 19:47:42 | 000,288,654 | ---- | C] ( ) -- C:\Dokumente und Einstellungen\Botel\Desktop\SafeBootKeyRepair.exe
[2012.01.03 11:44:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012.01.02 17:48:22 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.01.02 17:22:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.01.02 09:00:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.01.02 09:00:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.01.02 09:00:13 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.01.02 09:00:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.12.23 17:55:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Malwarebytes
[2011.12.23 17:55:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.12.23 17:55:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.12.23 17:55:22 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.23 17:55:22 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.12.20 16:06:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Botel\DoctorWeb
[2011.12.20 11:02:24 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.12.20 10:49:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.12.20 10:44:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.12.20 10:44:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.20 10:44:26 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Botel\Startmenü\Programme\Verwaltung
[2011.12.19 13:28:31 | 000,000,000 | ---D | C] -- C:\Programme\GridinSoft Trojan Killer
[2011.12.16 17:18:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\ImgBurn
[2011.12.16 17:16:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ImgBurn
[2011.12.16 17:16:24 | 000,000,000 | ---D | C] -- C:\Programme\ImgBurn
[2011.02.09 12:31:22 | 000,324,664 | ---- | C] (Hewlett-Packard) -- C:\Programme\Install.exe
[2011.02.09 12:11:58 | 000,111,104 | ---- | C] (Hewlett-Packard) -- C:\Programme\hpmco112.dll
[2011.02.09 12:11:50 | 003,062,784 | ---- | C] (Hewlett-Packard) -- C:\Programme\Install.dll
[2009.02.25 19:01:12 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Programme\hpmprein.dll
[2009.02.25 19:01:12 | 000,286,720 | ---- | C] (Hewlett-Packard Co.) -- C:\Programme\Hpzc3212.dll
[2009.02.25 18:59:02 | 000,188,416 | ---- | C] (Hewlett Packard) -- C:\Programme\hpmews01.dll
[2009.02.25 18:58:56 | 000,026,648 | ---- | C] (Hewlett Packard) -- C:\Programme\hppcgenio.sys
[2009.02.25 18:58:56 | 000,026,136 | ---- | C] (Hewlett Packard) -- C:\Programme\hpfxgen.sys
[2009.02.25 18:58:56 | 000,020,504 | ---- | C] (Hewlett Packard) -- C:\Programme\hppcbulkio.sys
[2009.02.25 18:58:56 | 000,017,432 | ---- | C] (Hewlett Packard) -- C:\Programme\hpfxbulk.sys
[2009.02.09 15:49:46 | 000,188,416 | ---- | C] (Hewlett Packard) -- C:\Programme\hpmldm01.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Dokumente und Einstellungen\Botel\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Botel\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.14 18:32:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{21013AAE-B345-4EFF-BD0C-3A6DB0698D55}.job
[2012.01.14 18:17:15 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.14 17:51:17 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2012.01.14 17:50:43 | 000,039,326 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.01.14 17:50:08 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-343818398-682003330-1004.job
[2012.01.14 17:50:04 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.14 17:49:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.14 17:33:12 | 000,607,260 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Botel\Desktop\dds(2).scr
[2012.01.14 16:42:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2012.01.14 12:48:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Botel\Desktop\OTL.exe
[2012.01.14 12:41:03 | 000,012,576 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.12 17:43:37 | 000,664,208 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Desktop\Rechnung KST 12-1-12.pdf
[2012.01.12 17:24:12 | 000,012,576 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012.01.12 03:03:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.09 19:18:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.01.09 13:28:12 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-343818398-682003330-1004.job
[2012.01.08 16:16:30 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\defogger_reenable
[2012.01.06 19:15:57 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Desktop\MBR.dat
[2012.01.06 18:50:15 | 004,704,768 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Botel\Desktop\aswMBR.exe
[2012.01.06 17:18:03 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.06 17:18:03 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.06 17:18:03 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.01.06 17:18:03 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.01.06 17:18:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.01.06 15:15:35 | 000,001,661 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.01.06 15:15:32 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.01.06 03:19:00 | 000,546,158 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.06 03:19:00 | 000,497,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.06 03:19:00 | 000,112,522 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.06 03:19:00 | 000,085,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.05 12:56:51 | 000,000,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.01.04 19:47:43 | 000,288,654 | ---- | M] ( ) -- C:\Dokumente und Einstellungen\Botel\Desktop\SafeBootKeyRepair.exe
[2012.01.04 14:15:18 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.01.03 12:33:55 | 000,000,764 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.02 09:25:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.31 12:41:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.31 12:41:22 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.31 12:20:59 | 001,008,141 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Desktop\rkill.com
[2011.12.28 15:57:03 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.28 10:00:12 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.12.23 19:20:16 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Desktop\Defogger.exe
[2011.12.20 10:49:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.12.20 08:43:28 | 074,843,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Botel\Desktop\5dpt92t9.exe
[2011.12.16 17:16:26 | 000,001,500 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ImgBurn.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Dokumente und Einstellungen\Botel\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Botel\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.12 17:43:37 | 000,664,208 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Desktop\Rechnung KST 12-1-12.pdf
[2012.01.08 16:16:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\defogger_reenable
[2012.01.06 19:15:57 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Desktop\MBR.dat
[2012.01.06 15:15:35 | 000,001,661 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.01.05 12:56:51 | 000,000,710 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.01.04 14:15:18 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.01.04 14:15:18 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.01.02 09:00:13 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.01.02 09:00:13 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.01.02 09:00:13 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.01.02 09:00:13 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.12.31 12:20:59 | 001,008,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Desktop\rkill.com
[2011.12.31 11:28:47 | 000,000,764 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.23 19:20:16 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Desktop\Defogger.exe
[2011.12.20 10:49:27 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.12.20 10:49:24 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2011.12.20 08:40:38 | 074,843,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Desktop\5dpt92t9.exe
[2011.12.16 17:16:26 | 000,001,500 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ImgBurn.lnk
[2011.03.30 18:03:28 | 000,022,888 | ---- | C] () -- C:\WINDOWS\HL-3040CN.INI
[2011.03.30 18:03:23 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.03.30 17:51:32 | 000,000,133 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2011.03.30 17:51:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2011.03.30 17:49:31 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2011.03.30 17:49:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2011.03.30 17:49:30 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADC08A.DAT
[2011.03.30 17:49:20 | 000,000,318 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2011.02.17 05:43:48 | 000,275,800 | ---- | C] () -- C:\Programme\hpcu112c.cat
[2011.02.17 05:43:48 | 000,235,213 | ---- | C] () -- C:\Programme\hpzius13.cat
[2011.02.17 05:43:48 | 000,234,750 | ---- | C] () -- C:\Programme\hpzipa13.cat
[2011.02.17 05:43:48 | 000,233,369 | ---- | C] () -- C:\Programme\hpmldm01.cat
[2011.02.17 05:43:48 | 000,233,361 | ---- | C] () -- C:\Programme\hpmews01.cat
[2011.02.17 05:43:48 | 000,232,898 | ---- | C] () -- C:\Programme\hpzid4vp.cat
[2011.02.17 05:43:48 | 000,232,437 | ---- | C] () -- C:\Programme\hpzist13.cat
[2011.02.17 05:43:48 | 000,232,437 | ---- | C] () -- C:\Programme\hpzipr13.cat
[2011.02.17 05:43:48 | 000,232,437 | ---- | C] () -- C:\Programme\hpzid413.cat
[2011.02.17 05:43:48 | 000,231,974 | ---- | C] () -- C:\Programme\hppfaxnd.cat
[2011.02.17 05:43:48 | 000,231,972 | ---- | C] () -- C:\Programme\hppscnd.cat
[2011.02.17 05:43:48 | 000,231,972 | ---- | C] () -- C:\Programme\hppewnd.cat
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2viww.cab
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2ukww.cab
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2srww.cab
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2slww.cab
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2roww.cab
[2011.02.09 12:32:12 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2lvww.cab
[2011.02.09 12:32:10 | 000,006,923 | ---- | C] () -- C:\Programme\p6i2deww.cab
[2011.02.09 12:32:10 | 000,006,829 | ---- | C] () -- C:\Programme\p6i2frww.cab
[2011.02.09 12:32:10 | 000,006,815 | ---- | C] () -- C:\Programme\p6i2plww.cab
[2011.02.09 12:32:10 | 000,006,729 | ---- | C] () -- C:\Programme\p6i2csww.cab
[2011.02.09 12:32:10 | 000,006,675 | ---- | C] () -- C:\Programme\p6i2huww.cab
[2011.02.09 12:32:10 | 000,006,461 | ---- | C] () -- C:\Programme\p6i2ptww.cab
[2011.02.09 12:32:10 | 000,006,385 | ---- | C] () -- C:\Programme\p6i2trww.cab
[2011.02.09 12:32:10 | 000,006,055 | ---- | C] () -- C:\Programme\p6i2nlww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2thww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2skww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2noww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2ltww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2kkww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2idww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2hrww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2heww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2fiww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2etww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2enww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2elww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2daww.cab
[2011.02.09 12:32:10 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2bgww.cab
[2011.02.09 12:32:10 | 000,005,919 | ---- | C] () -- C:\Programme\p6i2ruww.cab
[2011.02.09 12:32:10 | 000,005,903 | ---- | C] () -- C:\Programme\p6i2itww.cab
[2011.02.09 12:32:10 | 000,005,845 | ---- | C] () -- C:\Programme\p6i2esww.cab
[2011.02.09 12:32:10 | 000,005,845 | ---- | C] () -- C:\Programme\p6i2caww.cab
[2011.02.09 12:32:10 | 000,005,795 | ---- | C] () -- C:\Programme\p6i2svww.cab
[2011.02.09 12:32:10 | 000,005,673 | ---- | C] () -- C:\Programme\p6i2jaww.cab
[2011.02.09 12:32:10 | 000,005,321 | ---- | C] () -- C:\Programme\p6i2koww.cab
[2011.02.09 12:32:10 | 000,004,943 | ---- | C] () -- C:\Programme\P6i2zhcn.cab
[2011.02.09 12:32:10 | 000,004,365 | ---- | C] () -- C:\Programme\p6i2zhtw.cab
[2011.02.09 12:32:08 | 012,858,649 | ---- | C] () -- C:\Programme\hpcu112c.cab
[2011.02.09 12:32:08 | 000,006,049 | ---- | C] () -- C:\Programme\p6i2arww.cab
[2011.02.09 12:09:12 | 000,082,801 | ---- | C] () -- C:\Programme\hpcu112c.inf
[2011.02.09 03:59:10 | 000,219,832 | ---- | C] () -- C:\Programme\hpcpu112.cfg
[2011.02.09 03:58:40 | 000,005,740 | ---- | C] () -- C:\Programme\hppldcoi.config
[2011.02.09 03:58:40 | 000,001,165 | ---- | C] () -- C:\Programme\hpmprein.config
[2011.02.07 08:45:10 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2011.02.02 18:45:09 | 000,608,157 | ---- | C] () -- C:\WINDOWS\hppins11.dat.temp
[2011.02.02 18:45:09 | 000,005,855 | ---- | C] () -- C:\WINDOWS\hppmdl11.dat.temp
[2011.02.02 13:53:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2010.11.25 16:40:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.10.21 14:02:44 | 000,003,816 | ---- | C] () -- C:\Programme\hppscnd.inf
[2010.10.04 02:51:16 | 000,058,960 | ---- | C] () -- C:\Programme\hpzid4vp.inf
[2010.10.04 02:47:46 | 000,248,934 | ---- | C] () -- C:\Programme\hpzius13.inf
[2010.10.04 02:47:02 | 000,006,066 | ---- | C] () -- C:\Programme\hpzist13.inf
[2010.10.04 02:46:02 | 000,087,822 | ---- | C] () -- C:\Programme\hpzipr13.inf
[2010.10.04 02:45:40 | 000,166,614 | ---- | C] () -- C:\Programme\hpzipa13.inf
[2010.10.04 02:39:36 | 000,211,190 | ---- | C] () -- C:\Programme\hpzid413.inf
[2010.09.10 12:37:00 | 000,003,578 | ---- | C] () -- C:\Programme\hpmldm01.inf
[2009.09.28 13:39:16 | 000,002,175 | ---- | C] () -- C:\Programme\hppfaxnd.inf
[2009.09.28 13:37:52 | 000,001,134 | ---- | C] () -- C:\Programme\hppewnd.inf
[2009.09.10 10:13:38 | 000,007,610 | ---- | C] () -- C:\Programme\hpmews01.inf
[2009.08.12 13:20:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009.08.03 17:58:27 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2009.08.03 17:55:11 | 000,000,665 | R--- | C] () -- C:\WINDOWS\System32\hppapr11.dat
[2009.06.12 09:20:52 | 000,571,320 | ---- | C] () -- C:\WINDOWS\HPISExe.dat
[2009.05.19 16:42:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.04.30 23:31:10 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009.04.30 23:31:08 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009.04.30 23:31:08 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009.04.30 23:31:06 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.04.30 23:31:06 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.04.30 23:31:06 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.04.30 23:31:06 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.04.30 21:02:00 | 001,579,630 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.02.25 18:59:02 | 000,000,665 | ---- | C] () -- C:\Programme\hpmldm01.dat
[2009.02.25 18:59:02 | 000,000,526 | ---- | C] () -- C:\Programme\hpmews01.dat
[2009.01.03 19:24:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.30 14:09:38 | 000,038,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Anwendungsdaten\Microsoft Excel.ADR
[2008.12.02 12:18:01 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.06 19:09:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\virport.dll
[2008.11.04 20:52:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.11.04 20:35:54 | 000,019,813 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2008.11.04 20:35:54 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2008.11.04 20:35:28 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2008.11.04 20:35:16 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2008.11.04 19:48:55 | 000,000,516 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.11.04 19:35:32 | 000,550,912 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2008.11.04 19:35:32 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2008.11.04 19:35:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\CNYUSB.dll
[2008.11.04 19:35:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2008.11.04 19:35:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2008.11.04 19:35:32 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2008.11.04 19:35:32 | 000,000,360 | ---- | C] () -- C:\WINDOWS\CNYHKey.ini
[2008.11.03 20:14:49 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2008.11.03 20:14:49 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2008.11.03 19:40:45 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.03 19:35:58 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2008.11.03 19:23:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.11.03 14:55:07 | 000,024,576 | ---- | C] () -- C:\WINDOWS\CmiUCRUninstall.exe
[2008.11.03 14:55:07 | 000,000,052 | ---- | C] () -- C:\WINDOWS\CMICARDREADER.INI
[2008.11.03 14:55:06 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\CmUCRRm.exe
[2008.11.03 14:55:06 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\CmUCREye.exe
[2008.11.03 14:55:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\CmUCRRm.Dll
[2008.11.03 14:54:38 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2008.11.03 14:52:05 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.11.03 14:50:54 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Install2500USB.dll
[2008.11.03 14:50:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll
[2008.11.03 14:44:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.11.03 14:36:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.11.03 14:32:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.11.03 14:00:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.11.03 13:59:39 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.05.26 21:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008.02.04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008.01.15 02:31:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2008.01.14 17:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.INI
[2006.02.28 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.02.28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.02.28 13:00:00 | 000,546,158 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.02.28 13:00:00 | 000,497,298 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.02.28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.02.28 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.02.28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.02.28 13:00:00 | 000,112,522 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.02.28 13:00:00 | 000,085,590 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.02.28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.02.28 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.02.28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.02.28 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.02.28 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.02.28 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.02.28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.02.28 12:18:14 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005.10.18 14:01:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2004.10.22 14:43:16 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx11_ic.ini
[2001.07.07 03:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011.01.16 15:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Temp\RarSFX0\procs\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2005.08.16 01:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Temp\RarSFX0\h\explorer.exe

< MD5 for: WINLOGON.EXE >
[2009.05.26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Dokumente und Einstellungen\Botel\Lokale Einstellungen\Temp\RarSFX0\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

< End of report >

Extras.Txt

OTL Extras logfile created on: 14.01.2012 18:29:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Botel\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,28% Memory free
4,84 Gb Paging File | 3,48 Gb Available in Paging File | 71,82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,66 Gb Total Space | 56,29 Gb Free Space | 57,64% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 30,56 Gb Free Space | 31,30% Space Free | Partition Type: NTFS
Drive E: | 9,76 Gb Total Space | 3,85 Gb Free Space | 39,47% Space Free | Partition Type: FAT32
Drive G: | 3,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 260,68 Gb Total Space | 246,79 Gb Free Space | 94,67% Space Free | Partition Type: NTFS

Computer Name: MEDION | User Name: Botel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"C:\Programme\Vuze\Azureus.exe" = C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Programme\Hewlett-Packard\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe" = C:\Programme\Hewlett-Packard\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe:*:Enabled:HP Networked Printer Installer
"C:\Programme\AIM\aim.exe" = C:\Programme\AIM\aim.exe:*:Enabled:AIM
"C:\Programme\InternetCalls.com\InternetCalls\InternetCalls.exe" = C:\Programme\InternetCalls.com\InternetCalls\InternetCalls.exe:*:Enabled:InternetCalls
"C:\Programme\Adblock Pro\abpmain.exe" = C:\Programme\Adblock Pro\abpmain.exe:*:Enabled:Adblock Pro


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01523985-2098-43AF-9C97-12B07BE02A9B}" = Windows Live Call
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20587144-2AC1-48AA-B815-3575F68E5A9C}" = Simple Adblock
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E2F70D-B287-407D-9B5C-9D8B4C388D1A}" = hppPQVideoCM1312
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{325D1D94-4F34-46A7-A489-737C801B931D}" = hppusgCM1312
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCB732A-E472-4CF9-B1EE-F18365341FE0}" = Installation Windows Live
"{41982CFB-2805-4C7B-A057-4E68D417C45F}" = Brother HL-3040CN
"{41E340F0-0BD6-4A87-AF29-E9E584471756}" = VideoMate T , M , P Series Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{5490B6EF-5A48-40B7-A9E0-D3B886D17A29}" = RT2500 USB Wireless LAN Card
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}" = hppQFolderCM1312
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DD822CC-4CDD-4949-9000-CE62C3B22B26}" = hppSendFaxCM1312
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FAF7261-8F5F-411B-9FD1-93CBCF701DAD}" = hpzTLBXFX
"{70294646-CF46-4223-A2F4-EDC6A8420B2A}" = hppFaxUtilityCM1312
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{713AB069-D22F-4C15-89F0-0FEE92D9AD47}" = PS7600
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{838BC0FB-4F8F-47B9-847F-06AE4CCE4181}" = Manual CanoScan LiDE 25
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9930D47E-BF88-4EED-9531-CC9EDAE1E448}" = hppscanCM1312
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FF889B0-2F9A-495d-9C65-9F0710310A82DC}" = Download Center
"{A1EA13D0-40C6-4DFC-98D6-6A8AB501DA63}" = hppCLJCM1312
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2104078-AAA5-449E-95DD-55C9443A1031}" = Nero 7 Essentials
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA721D14-CFE2-410E-B975-79FE5F82F99F}" = MSVCMergeModules
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B338EA45-9F18-4FE4-A079-89668D1F6519}" = USB Wireless Keyboard Driver
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook-Sicherung für Persönliche Ordner
"{C793675F-0692-4969-A9D4-C191EFBF5518}" = hppScanToCM1312
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D7EC8A27-CDA2-46AE-8A26-4104A04FA5BE}" = 32 Bit HP CIO Components Installer
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9AE5B83-86A9-4D59-9F62-104A884BDAAC}" = hppFaxDrvCM1312
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DE2EBD6F-81B6-4E9A-B137-C11FD6790CFF}" = PSShortcutsP
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF30AD3D-50DE-4C6B-9435-56C22A99F9FA}" = hppTLBXFXCM1312
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B21E-9FEF-4FFC-ABFC-9DC9C5A69A1B}" = hppManualsCM1312
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FD293473-B71E-4978-A55D-5F0A996D4D8B}" = HMS TRADER 2
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Ask Toolbar_is1" = Vuze Toolbar
"avast" = avast! Free Antivirus
"Becker Content Manager" = Becker Content Manager
"C-Media USB2.0 Card Reader" = C-Media USB2.0 Card Reader
"Creatix V.92 Data Fax Modem" = Creatix V.92 Data Fax Modem
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FreePDF_XP" = FreePDF XP (Remove only)
"gmailbackup" = Gmail Backup
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 15.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"UcpHost_is1" = Cordless DUALphone Suite
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Document Converter_is1" = Universal Document Converter
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware™
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1757981266-343818398-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06.01.2012 10:11:47 | Computer Name = MEDION | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung jusched.exe, Version 2.0.6.1, fehlgeschlagenes
Modul user32.dll, Version 5.1.2600.5512, Fehleradresse 0x000187f1.

Error - 08.01.2012 11:55:14 | Computer Name = MEDION | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung gmer.exe, Version 1.0.15.15641, fehlgeschlagenes
Modul gmer.exe, Version 1.0.15.15641, Fehleradresse 0x0000c676.

Error - 08.01.2012 12:00:00 | Computer Name = MEDION | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung gmer.exe, Version 1.0.15.15641, fehlgeschlagenes
Modul gmer.exe, Version 1.0.15.15641, Fehleradresse 0x0000c676.

Error - 11.01.2012 06:07:36 | Computer Name = MEDION | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 4.2.0.155, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000101b3.

Error - 11.01.2012 06:07:43 | Computer Name = MEDION | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes
Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d.

Error - 11.01.2012 06:14:44 | Computer Name = MEDION | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Skype.exe, Version 4.2.0.155, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 12.01.2012 03:05:05 | Computer Name = MEDION | Source = Windows Product Activation | ID = 1012
Description = Aufgrund von Hardwareänderungen auf diesem Computer, müssen Sie Windows
erneut aktivieren.

Error - 14.01.2012 07:52:51 | Computer Name = MEDION | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.31.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 14.01.2012 07:56:12 | Computer Name = MEDION | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.31.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 14.01.2012 07:58:16 | Computer Name = MEDION | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.31.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

[ OSession Events ]
Error - 22.04.2011 09:09:05 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 194209
seconds with 15060 seconds of active time. This session ended with a crash.

Error - 13.05.2011 04:22:56 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 84793
seconds with 5880 seconds of active time. This session ended with a crash.

Error - 08.06.2011 12:31:13 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 10435
seconds with 1680 seconds of active time. This session ended with a crash.

Error - 20.07.2011 10:22:56 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 80963
seconds with 5580 seconds of active time. This session ended with a crash.

Error - 03.09.2011 08:15:36 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 330188
seconds with 9900 seconds of active time. This session ended with a crash.

Error - 24.09.2011 12:17:27 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 804581
seconds with 34920 seconds of active time. This session ended with a crash.

Error - 27.11.2011 07:34:12 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2682217
seconds with 31260 seconds of active time. This session ended with a crash.

Error - 27.11.2011 08:04:07 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 1784
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 14.12.2011 10:49:48 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 16369
seconds with 3840 seconds of active time. This session ended with a crash.

Error - 03.01.2012 06:39:09 | Computer Name = MEDION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 62365
seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11.01.2012 22:01:23 | Computer Name = MEDION | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Search.

Error - 11.01.2012 22:01:23 | Computer Name = MEDION | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053

Error - 11.01.2012 22:01:23 | Computer Name = MEDION | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Search.

Error - 11.01.2012 22:01:23 | Computer Name = MEDION | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053

Error - 11.01.2012 22:20:56 | Computer Name = MEDION | Source = Print | ID = 23
Description = Der Drucker Virtual PDF Printer konnte nicht initialisiert werden,
da der Treiber Virtual PDF Printer nicht gefunden wurde.

Error - 11.01.2012 22:22:30 | Computer Name = MEDION | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.

Error - 14.01.2012 12:40:30 | Computer Name = MEDION | Source = Print | ID = 23
Description = Der Drucker Virtual PDF Printer konnte nicht initialisiert werden,
da der Treiber Virtual PDF Printer nicht gefunden wurde.

Error - 14.01.2012 12:42:26 | Computer Name = MEDION | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.

Error - 14.01.2012 12:50:18 | Computer Name = MEDION | Source = Print | ID = 23
Description = Der Drucker Virtual PDF Printer konnte nicht initialisiert werden,
da der Treiber Virtual PDF Printer nicht gefunden wurde.

Error - 14.01.2012 12:52:13 | Computer Name = MEDION | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.


< End of report >

Sorry, that it is partly in German....Please let me know, if you need me to translate anything.

Edited by bivels, 14 January 2012 - 12:58 PM.


#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 14 January 2012 - 01:28 PM

Hi,

have you tried to uninstall and reinstall the drivers for your keyboard? Have you recently changed keyboard?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 01:37 PM

Hi,

No, I haven't.

Regards,

bivels

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 14 January 2012 - 02:06 PM

Hi,

what keyboard are you currently using? The error message you get suggest chicony?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 02:19 PM

Hi,

I have a Microsoft Wireless Keyboard 3000 v2.0, which I've been using for the last couple of years.

Regards,

bivels

#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 14 January 2012 - 02:32 PM

Hi,

how did you install that? Did it come with a CD? And if so, do you still have it?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 14 January 2012 - 03:13 PM

Hi,

I cannot remember how I installed it, but I do have the CD.

Regards,

bivels

Edited by bivels, 14 January 2012 - 03:13 PM.


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:54 AM

Posted 15 January 2012 - 09:48 AM

Could you try uninstalling and reinstalling it?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 bivels

bivels
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 15 January 2012 - 10:41 AM

Hi,

How do I uninstall it?

Regards,

bivels




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users